Lucene search

[email protected]CVE-2020-35990

HistoryAug 11, 2023 - 2:15 p.m.

CVE-2020-35990

2023-08-1114:15:11

CWE-120

[email protected]

web.nvd.nist.gov

cve-2020-35990

buffer overflow

cfilenameinit

foxit software

pdf reader

dos

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file.

Affected configurations

NVD

Node

foxitpdf_readerRange≤10.1.0.37527

CPENameOperatorVersion
foxit:pdf_readerfoxit pdf readerle10.1.0.37527

CPE	Name	Operator	Version
foxit:pdf_reader	foxit pdf reader	le	10.1.0.37527

References

foxit.com

www.foxitsoftware.com/support/security-bulletins.php

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for CVE-2020-35990

cvelist1 cnvd1 prion1 nvd1