CVE-2008-1104

Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
VendorProductVersion
foxitsoftwarefoxit_reader
𝑥
≤ 2.3
foxitsoftwarefoxit_reader
2.0
foxitsoftwarefoxit_reader
2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29941
http://secunia.com/secunia_research/2008-18/advisory/
http://securityreason.com/securityalert/3899
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801
http://www.kb.cert.org/vuls/id/119747
http://www.securityfocus.com/archive/1/492289/100/0/threaded
http://www.securityfocus.com/bid/29288
http://www.securitytracker.com/id?1020050
http://www.vupen.com/english/advisories/2008/1572
https://exchange.xforce.ibmcloud.com/vulnerabilities/42531
http://secunia.com/advisories/29941
http://secunia.com/secunia_research/2008-18/advisory/
http://securityreason.com/securityalert/3899
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801
http://www.kb.cert.org/vuls/id/119747
http://www.securityfocus.com/archive/1/492289/100/0/threaded
http://www.securityfocus.com/bid/29288
http://www.securitytracker.com/id?1020050
http://www.vupen.com/english/advisories/2008/1572
https://exchange.xforce.ibmcloud.com/vulnerabilities/42531