Lucene search

[email protected]NVD:CVE-2015-2790

HistoryMar 30, 2015 - 2:59 p.m.

CVE-2015-2790

2015-03-3014:59:10

CWE-20

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.781 High

EPSS

Percentile

98.3%

JSON

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

Affected configurations

NVD

Node

foxitsoftwareenterprise_readerRange≤7.0.6.1126

foxitsoftwarefoxit_readerRange≤7.0.6.1126

foxitsoftwarephantompdfRange≤7.0.6.1126

References

protekresearchlab.com/prl-2015-01prl-foxit-products-gif-conversion-memory-corruption-vulnerabilities-lzwminimumcodesize/

protekresearchlab.com/PRL-2015-02/

securitytracker.com/id/1031878

www.exploit-db.com/exploits/36334

www.exploit-db.com/exploits/36335

www.foxitsoftware.com/support/security_bulletins.php#FRD-23

www.foxitsoftware.com/support/security_bulletins.php#FRD-24

www.osvdb.org/119302

www.osvdb.org/119303

www.securityfocus.com/bid/73430

www.securitytracker.com/id/1031877

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.781 High

EPSS

Percentile

98.3%

JSON

Related for NVD:CVE-2015-2790

openvas2 prion1 cve1 kaspersky1 cvelist1