Summary
The host is installed with Foxit Reader and is prone to multiple Denial of Service vulnerabilities.
Impact
Successful exploitation will let attacker execute arbitrary code or crash an affected application.
Impact Level: Application
Solution
Upgrade to the latest version.
http://www.foxitsoftware.com/downloads/
Insight
Multiple errors exist in the Foxit JPEG2000/JBIG2 Decoder add-on.
- An error occures while processing a negative value for the stream offset in a JPX stream.
- A fatal error while decoding JPX header which results in a subsequent invalid address access.
Affected
Foxit Reader 3.0 before Build 1817 and JPEG2000/JBIG2 Decoder before 2.0.2009.616.
References
Severity
Classification
-
CVE CVE-2009-0690, CVE-2009-0691 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Reader PDF Handling Denial Of Service Vulnerability (Linux)
- Allegro Software RomPager 2.10 Denial of Service
- CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
- ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Linux)