CVE-2010-20010
Foxit PDF Reader < 4.2.0.0928 Title Stack Buffer Overflow
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler (SEH) chain, and lead to arbitrary code execution in the context of the user who opens the file.
| CWE | CWE-121 |
| Vendor | foxit software |
| Product | foxit pdf reader |
| Published | Aug 20, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for foxit software foxit pdf reader
Be the first to know when new unknown vulnerabilities affecting foxit software foxit pdf reader are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Foxit Software / Foxit PDF Reader
* < 4.2.0.0928
References
exploit-db.com: https://www.exploit-db.com/exploits/15532 exploit-db.com: https://www.exploit-db.com/exploits/16621 raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/foxit_title_bof.rb exploit-db.com: https://www.exploit-db.com/exploits/15514/ foxit.com: https://www.foxit.com/pdf-reader/version-history.html vulncheck.com: https://www.vulncheck.com/advisories/foxit-pdf-reader-title-stack-buffer-overflow
Credits
dookie