Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4337

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-4337
Last Modified 24 Aug 2012 12:00:00
Published 23 Aug 2012 11:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4337

Summary

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.

Vulnerable Systems

Application

  • Foxitsoftware Foxit Reader 2.0

  • Foxitsoftware Foxit Reader 2.3

  • Foxitsoftware Foxit Reader 3.0

  • Foxitsoftware Foxit Reader 3.1.2.1013

  • Foxitsoftware Foxit Reader 3.1.2.1030

  • Foxitsoftware Foxit Reader 3.2.0.0303

  • Foxitsoftware Foxit Reader 3.2.1.0401

  • Foxitsoftware Foxit Reader 4.0

  • Foxitsoftware Foxit Reader 4.0.0.0619

  • Foxitsoftware Foxit Reader 4.1

  • Foxitsoftware Foxit Reader 4.1.1.0805

  • Foxitsoftware Foxit Reader 4.2

  • Foxitsoftware Foxit Reader 4.3

  • Foxitsoftware Foxit Reader 4.3.1.0218

  • Foxitsoftware Foxit Reader 5.0

  • Foxitsoftware Foxit Reader 5.0.2

  • Foxitsoftware Foxit Reader 5.1.0.1021

  • Foxitsoftware Foxit Reader 5.1.3

  • Foxitsoftware Foxit Reader 5.1.4.0104


References

BID - 55150

OSVDB - 84808

CONFIRM - http://www.foxitsoftware.com/Secure_PDF_Reader/security_bulletins.php

MISC - http://technet.microsoft.com/security/msvr/msvr12-013

SECTRACK - 1027424

SECUNIA - 50359


Last Updated: 27 May 2016 10:57:36