Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-2186Improper Input Validation in PDF Reader

CWE-20Improper Input Validation7 documents4 sources
Severity
6.8MEDIUMNVD
NVD5.0CNA5.0
EPSS
11.9%
top 6.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Foxit PDF ReaderFoxit Software Reader
Timeline
PublishedApr 24
Latest updateMay 1

Description

Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

🔴Vulnerability Details

4
GHSA
GHSA-vpj8-2w67-c8qh: Foxit Reader 22022-05-01
GHSA
GHSA-rrx6-76rv-6pj8: Foxit Reader 22022-05-01
CVEList
CVE-2008-1942: Foxit Reader 22008-04-24
CVEList
CVE-2007-2186: Foxit Reader 22007-04-24

💥Exploits & PoCs

1
Exploit-DB
Foxit Reader 2.0 - 'PDF' Remote Denial of Service2007-04-20
CVE-2007-2186 — Improper Input Validation in PDF Reader | cvebase