CVE-2010-20010

Vulnerability Description

Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler (SEH) chain, and lead to arbitrary code execution in the context of the user who opens the file.

References

FAQ

What is CVE-2010-20010?

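CVE-2010-20010 is a stack-based buffer overflow in Foxit PDF Reader before 4.2.0.0928. The reader does not properly bound-check the /Title entry in the PDF Info dictionary, so a specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler (SEH) chain, and lead to arbitrary code execution in the context of the user who opens the file.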

How severe is CVE-2010-20010?

CVSS scoring is not yet available for CVE-2010-20010. Check NVD for updates.

Is there a patch for CVE-2010-20010?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.