4.4

CVE-2015-2789

Exploit
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FoxitsoftwareFoxit Reader Version6.1
FoxitsoftwareFoxit Reader Version6.1.2
FoxitsoftwareFoxit Reader Version6.1.4
FoxitsoftwareFoxit Reader Version6.2
FoxitsoftwareFoxit Reader Version6.2.1
FoxitsoftwareFoxit Reader Version7.0
FoxitsoftwareFoxit Reader Version7.0.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.19% 0.864
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html
Third Party Advisory
Exploit
VDB Entry
http://www.exploit-db.com/exploits/36390
Third Party Advisory
Exploit
VDB Entry
http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25
Patch
Vendor Advisory
http://www.securityfocus.com/bid/73432
http://www.securitytracker.com/id/1031879
Third Party Advisory
VDB Entry
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php
Third Party Advisory