CVE-2015-2790

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
30/03/2015
Last modified:
12/04/2025

Description

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:foxitsoftware:enterprise_reader:*:*:*:*:*:*:*:* 7.0.6.1126 (including)
cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:* 7.0.6.1126 (including)
cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:* 7.0.6.1126 (including)