Lucene search
MitreCVE-2014-8074HistoryOct 17, 2014 - 3:55 p.m.
CVE-2014-8074
2014-10-1715:55:07
CWE-119
mitre
web.nvd.nist.gov
24
cve-2014-8074
buffer overflow
foxit pdf
activex
remote code execution
security vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
High
EPSS
0.627
Percentile
97.8%
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables.
Affected configurations
Node
foxitsoftwarefoxit_pdf_sdk_activexMatch2.3
ORfoxitsoftwarefoxit_pdf_sdk_activexMatch3.0
ORfoxitsoftwarefoxit_pdf_sdk_activexMatch4.0
ORfoxitsoftwarefoxit_pdf_sdk_activexMatch5.0.0
ORfoxitsoftwarefoxit_pdf_sdk_activexMatch5.0.1.820
| Vendor | Product | Version | CPE |
|---|---|---|---|
| foxitsoftware | foxit_pdf_sdk_activex | 2.3 | cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:2.3:*:*:*:*:*:*:* |
| foxitsoftware | foxit_pdf_sdk_activex | 3.0 | cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:3.0:*:*:*:*:*:*:* |
| foxitsoftware | foxit_pdf_sdk_activex | 4.0 | cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:4.0:*:*:*:*:*:*:* |
| foxitsoftware | foxit_pdf_sdk_activex | 5.0.0 | cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:5.0.0:*:*:*:*:*:*:* |
| foxitsoftware | foxit_pdf_sdk_activex | 5.0.1.820 | cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:5.0.1.820:*:*:*:*:*:*:* |
Related
prion
prion
Buffer overflow
2014-10-17 15:55:00
nvd
nvd
CVE-2014-8074
2014-10-17 15:55:07
cvelist
cvelist
CVE-2014-8074
2014-10-17 15:00:00
zdi
zdi
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.1
Confidence
High
EPSS
0.627
Percentile
97.8%
Related for CVE-2014-8074