Back to search
CVE-2009-0690
Published: Jun 23, 2009
Modified: Sep 16, 2024
PUBLISHED
Description
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
35442
vdb-entry
x_refsource_BID
http://www.foxitsoftware.com/pdf/reader/security.htm#0602
x_refsource_CONFIRM
1022425
vdb-entry
x_refsource_SECTRACK
VU#251793
third-party-advisory
x_refsource_CERT-VN
35512
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1640
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now