CVE-2011-1908

Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
foxitsoftwarefoxit_reader
𝑥
≤ 4.0
foxitsoftwarefoxit_reader
2.0
foxitsoftwarefoxit_reader
2.2
foxitsoftwarefoxit_reader
2.3
foxitsoftwarefoxit_reader
3.0
foxitsoftwarefoxit_reader
3.1
foxitsoftwarefoxit_reader
3.1.1
foxitsoftwarefoxit_reader
3.1.3
foxitsoftwarefoxit_reader
3.1.4
foxitsoftwarefoxit_reader
3.2
foxitsoftwarefoxit_reader
3.2.1
foxitsoftwarefoxit_reader
3.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.foxitsoftware.com/products/reader/security_bulletins.php#freetype
http://www.microsoft.com/technet/security/advisory/msvr11-005.mspx
http://www.securityfocus.com/bid/48359
https://exchange.xforce.ibmcloud.com/vulnerabilities/68145
http://www.foxitsoftware.com/products/reader/security_bulletins.php#freetype
http://www.microsoft.com/technet/security/advisory/msvr11-005.mspx
http://www.securityfocus.com/bid/48359
https://exchange.xforce.ibmcloud.com/vulnerabilities/68145