Published: 10/03/2009 Updated: 10/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote malicious users to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file" action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
foxit reader3.0

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' require 'zlib' class Metasploit3 < Msf::Exploit::Remote Rank = GoodRa ...

#!/usr/bin/perl # # Foxit Reader 30 (<= Build 1301) PDF Buffer Overflow Exploit (Universal) # ------------------------------------------------------------------------ # Exploit by SkD (skdrat@hotmailcom) # # A SEH overflow occurs in this vulnerability in the popular # Foxit Reader The latest build (1506) i ...

CWE-119 http://www.foxitsoftware.com/pdf/reader/security.htm#Stackbased http://www.securityfocus.com/bid/34035 http://www.vupen.com/english/advisories/2009/0634 http://www.coresecurity.com/content/foxit-reader-vulnerabilities http://secunia.com/advisories/34036 http://www.securitytracker.com/id?1021824 https://exchange.xforce.ibmcloud.com/vulnerabilities/49136 http://www.securityfocus.com/archive/1/501623/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/18905/

CVE-2009-0837

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect