Arbitrary Code Execution via Integer Overflow in Foxit Reader and Phantom

Arbitrary Code Execution via Integer Overflow in Foxit Reader and Phantom

CVE-2011-0332 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.