Unrated severityNVD Advisory· Published Jun 24, 2011· Updated Apr 29, 2026
CVE-2011-1908
CVE-2011-1908
Description
Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.
Affected products
12cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*range: <=4.0
- cpe:2.3:a:foxitsoftware:foxit_reader:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.foxitsoftware.com/products/reader/security_bulletins.phpnvdPatchVendor Advisory
- www.microsoft.com/technet/security/advisory/msvr11-005.mspxnvdThird Party Advisory
- www.securityfocus.com/bid/48359nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/68145nvd
News mentions
0No linked articles in our index yet.