Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-2790

Published: 30/03/2015 Updated: 03/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 440
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Phantompdf

Vulnerability Summary

Foxit Reader, Enterprise Reader, and PhantomPDF prior to 7.1 allow remote malicious users to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

foxitsoftware phantompdf

foxitsoftware foxit reader

foxitsoftware enterprise reader

Exploits

Exploit DB: Foxit Products GIF Conversion - 'LZWMinimumCodeSize' Memory Corruption
##################################################################################### Application: Foxit Products GIF Conversion Memory Corruption Vulnerabilities (LZWMinimumCodeSize) Platforms: Windows Versions: The vulnerability is confirmed in version Foxit Reader 7x Other versions may also be affected Secunia: SA63346 {PRL}: 2 ...
Exploit DB: Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption
##################################################################################### Application: Foxit Products GIF Conversion Memory Corruption Vulnerabilities (DataSubBlock) Platforms: Windows Versions: The vulnerability is confirmed in version Foxit Reader 7x Other versions may also be affected Secunia: SA63346 {PRL}: 2015-02 ...

References

CWE-20http://www.securitytracker.com/id/1031877http://www.foxitsoftware.com/support/security_bulletins.php#FRD-23http://www.foxitsoftware.com/support/security_bulletins.php#FRD-24http://protekresearchlab.com/PRL-2015-02/http://protekresearchlab.com/prl-2015-01prl-foxit-products-gif-conversion-memory-corruption-vulnerabilities-lzwminimumcodesize/http://securitytracker.com/id/1031878http://www.osvdb.org/119302http://www.exploit-db.com/exploits/36335http://www.osvdb.org/119303http://www.exploit-db.com/exploits/36334http://www.securityfocus.com/bid/73430https://nvd.nist.govhttps://www.exploit-db.com/exploits/36334/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook