CVE-2020-35990 — Classic Buffer Overflow in PDF Reader

CWE-120 — Classic Buffer Overflow3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 92.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Foxit PDF Reader
Timeline
PublishedAug 11

Description

Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

â–¶NVDfoxit/pdf_reader10.1.0.37527

🔴Vulnerability Details

2
GHSA
GHSA-6qhr-cpg4-c66p: Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10↗2023-08-11
â–¶
CVEList
CVE-2020-35990: Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10↗2023-08-11
â–¶
CVE-2020-35990 — Classic Buffer Overflow in PDF Reader | cvebase