CVE-2014-4646

Foxit PDF SDK <3.1.1.5005 - RCE

Title source: llm

Description

Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors.

References (3)

[Vendor Advisory] http://www.foxitsoftware.com/support/security_bulletins.php#FRD-20

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-14-214

[Third Party Advisory] http://secunia.com/advisories/59494

Scores

EPSS 0.0500

EPSS Percentile 89.5%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

foxitsoftware/foxit_pdf_sdk_dll < 3.1.1.2927

Timeline

Published Jul 07, 2014

Tracked Since Feb 18, 2026