This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
A PDF viewer installed on the remote host is affected by a remote code
The version of Foxit Reader installed on the remote Windows host is
prior to 4.1.1.0805. It is, therefore, affected by a remote code
execution vulnerability in the FreeType engine due to multiple
stack-based buffer overflow conditions in the CFF Type2 CharStrings
interpreter, specifically within the function
cff_decoder_parse_charstrings(). An attacker can exploit this, via
crafted CFF opcodes in embedded fonts in a PDF document, to cause a
denial of service or to execute arbitrary code with the user's
See also :
Upgrade to Foxit Reader version 4.1.1.0805 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true