Vulnerabilities > Foxitsoftware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-24 | CVE-2008-7031 | Buffer Errors vulnerability in Foxitsoftware WAC Server 2.0 Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | 10.0 |
| 2009-06-23 | CVE-2009-0691 | Resource Management Errors vulnerability in Foxitsoftware Foxit Reader and Jpeg2000 Jbig2 Decoder Add-On The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an invalid memory access. | 9.3 |
| 2009-06-23 | CVE-2009-0690 | Numeric Errors vulnerability in Foxitsoftware Foxit Reader and Jpeg2000/Jbig2 Decoder Add-On The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. | 9.3 |
| 2009-03-10 | CVE-2009-0836 | Buffer Errors vulnerability in Foxitsoftware Reader 2.3/3.0 Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. | 10.0 |
| 2009-03-10 | CVE-2009-0191 | Code Injection vulnerability in Foxitsoftware Foxit Reader 2.3/3.0/3.0.2009.1301 Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. | 9.3 |
| 2008-05-21 | CVE-2008-1104 | Buffer Errors vulnerability in Foxitsoftware Foxit Reader 2.0/2.2/2.3 Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. | 9.3 |
| 2008-01-09 | CVE-2008-0151 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Foxitsoftware WAC Server 2.0/2.1.0.910 Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options. | 10.0 |