CVE-2012-4337

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
foxitsoftwarefoxit_reader
𝑥
≤ 5.1.4.0104
foxitsoftwarefoxit_reader
2.0
foxitsoftwarefoxit_reader
2.3
foxitsoftwarefoxit_reader
3.0
foxitsoftwarefoxit_reader
3.1.2.1013
foxitsoftwarefoxit_reader
3.1.2.1030
foxitsoftwarefoxit_reader
3.2.0.0303
foxitsoftwarefoxit_reader
3.2.1.0401
foxitsoftwarefoxit_reader
4.0
foxitsoftwarefoxit_reader
4.0.0.0619
foxitsoftwarefoxit_reader
4.1
foxitsoftwarefoxit_reader
4.1.1.0805
foxitsoftwarefoxit_reader
4.2
foxitsoftwarefoxit_reader
4.3
foxitsoftwarefoxit_reader
4.3.1.0218
foxitsoftwarefoxit_reader
5.0
foxitsoftwarefoxit_reader
5.0.2
foxitsoftwarefoxit_reader
5.1.0.1021
foxitsoftwarefoxit_reader
5.1.3
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/50359
http://securitytracker.com/id?1027424
http://technet.microsoft.com/security/msvr/msvr12-013
http://www.foxitsoftware.com/Secure_PDF_Reader/security_bulletins.php
http://www.osvdb.org/84808
http://www.securityfocus.com/bid/55150
http://secunia.com/advisories/50359
http://securitytracker.com/id?1027424
http://technet.microsoft.com/security/msvr/msvr12-013
http://www.foxitsoftware.com/Secure_PDF_Reader/security_bulletins.php
http://www.osvdb.org/84808
http://www.securityfocus.com/bid/55150