CVE-2012-4337
Foxit Reader < 5.3 - Remote Code Execution via Crafted PDF Attachment
Title source: llmDescription
Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1027424
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/84808
Vendor Advisory x_refsource_misc
http://technet.microsoft.com/security/msvr/msvr12-013
Vendor Advisory x_refsource_confirm
http://www.foxitsoftware.com/Secure_PDF_Reader/security_bulletins.php
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50359
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/55150
Scores
EPSS
0.0053
EPSS Percentile
67.5%
Details
Status
published
Products (19)
foxitsoftware/foxit_reader
2.0
foxitsoftware/foxit_reader
2.3
foxitsoftware/foxit_reader
3.0
foxitsoftware/foxit_reader
3.1.2.1013
foxitsoftware/foxit_reader
3.1.2.1030
foxitsoftware/foxit_reader
3.2.0.0303
foxitsoftware/foxit_reader
3.2.1.0401
foxitsoftware/foxit_reader
4.0
foxitsoftware/foxit_reader
4.0.0.0619
foxitsoftware/foxit_reader
4.1
... and 9 more
Published
Aug 23, 2012
Tracked Since
Feb 18, 2026