CVE-2009-0690

Name of the Vulnerable Software and Affected Versions Foxit Reader versions 3.0 before Build 1817 Foxit JPEG2000/JBIG2 Decoder add-on versions before 2.0.2009.616

Description The issue arises from improper handling of a negative value for the stream offset in a JPEG2000 stream, leading to potential memory corruption and application crash, or possibly allowing execution of arbitrary code. This can be triggered by a crafted PDF file that causes an out-of-bounds read.

Recommendations For Foxit Reader version 3.0 before Build 1817, update the Foxit JPEG2000/JBIG2 Decoder add-on to version 2.0.2009.616 or later. For Foxit JPEG2000/JBIG2 Decoder add-on versions before 2.0.2009.616, update to version 2.0.2009.616 or later.