Published: 24/06/2011 Updated: 17/08/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader prior to 4.0.0.0619 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.

Vulnerable Product	Search on Vulmon	Subscribe to Product
foxitsoftware foxit reader 3.1.3
foxitsoftware foxit reader 3.1
foxitsoftware foxit reader 3.3.1
foxitsoftware foxit reader 3.1.4
foxitsoftware foxit reader 2.3
foxitsoftware foxit reader 3.0
foxitsoftware foxit reader 2.2
foxitsoftware foxit reader 2.0
foxitsoftware foxit reader 3.1.1
foxitsoftware foxit reader 3.2.1
foxitsoftware foxit reader 3.2
foxitsoftware foxit reader

CWE-189 http://www.foxitsoftware.com/products/reader/security_bulletins.php#freetype http://www.securityfocus.com/bid/48359 http://www.microsoft.com/technet/security/advisory/msvr11-005.mspx https://exchange.xforce.ibmcloud.com/vulnerabilities/68145 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1908

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect