CVE-2010-20010
BaseFortify
Publication date: 2025-08-20
Last updated on: 2025-08-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| foxit | pdf_reader | <4.2.0.0928 |
| foxit | pdf_reader | 4.2.0.0928 |
| foxit | pdf_reader | 4.1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Foxit PDF Reader versions before 4.2.0.0928, where the application does not properly check the length of the /Title entry in the PDF Info dictionary. An attacker can create a specially crafted PDF file with an excessively long Title string that overflows a fixed-size stack buffer. This overflow corrupts the Structured Exception Handler (SEH) chain, which can be exploited to execute arbitrary code with the privileges of the user who opens the malicious PDF file.
How can this vulnerability impact me? :
If you open a maliciously crafted PDF file in a vulnerable version of Foxit PDF Reader, an attacker could execute arbitrary code on your system with your user privileges. This could lead to unauthorized actions such as installing malware, stealing data, or taking control of your system.