Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
Foxitsoftware Foxit Reader 4.3
Foxitsoftware Foxit reader 3.2.1 (not an official CPE)
Foxitsoftware Foxit reader 3.1.3 (not an official CPE)
Foxitsoftware Foxit reader 3.3.1 (not an official CPE)
Foxitsoftware Foxit reader 3.1.4 (not an official CPE)
Foxitsoftware Foxit phantom 2.2.4 (not an official CPE)
Foxitsoftware Foxit reader 3.2 (not an official CPE)
Foxitsoftware Foxit Reader 2.3
Foxitsoftware Foxit reader 3.1 (not an official CPE)
Foxitsoftware Foxit Reader 4.0
Foxitsoftware Foxit reader 2.2 (not an official CPE)
Foxitsoftware Foxit Reader 3.0
Foxitsoftware Foxit Reader 2.0
Foxitsoftware Foxit phantom 1.0.2 (not an official CPE)
Foxitsoftware Foxit reader 4.1.1 (not an official CPE)
Foxitsoftware Foxit phantom 2.2.3 (not an official CPE)
Foxitsoftware Foxit reader 3.1.1 (not an official CPE)
Foxitsoftware Foxit phantom 2.1.1 (not an official CPE)
Foxitsoftware Foxit phantom 2.2.1 (not an official CPE)
Foxitsoftware Foxit phantom 2.0 (not an official CPE)
Foxitsoftware Foxit phantom 2.1 (not an official CPE)
Foxitsoftware Foxit phantom 2.2 (not an official CPE)
Foxitsoftware Foxit phantom 2.3 (not an official CPE)
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| ADV-2011-0508 | |||
| 1025129 | |||
| http://www.foxitsoftware.com/pdf/reader/security_bulleti... |