Vulnerabilities > Foxitsoftware > Foxit Reader > 3.0.2009.1301
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-23 | CVE-2009-0690 | Numeric Errors vulnerability in Foxitsoftware Foxit Reader and Jpeg2000/Jbig2 Decoder Add-On The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. | 9.3 |
2009-03-10 | CVE-2009-0191 | Code Injection vulnerability in Foxitsoftware Foxit Reader 2.3/3.0/3.0.2009.1301 Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. | 9.3 |