4.4
CVE-2015-2789
- EPSS 3.19%
- Veröffentlicht 30.03.2015 14:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Foxitsoftware ≫ Foxit Reader Version6.1
Foxitsoftware ≫ Foxit Reader Version6.1.2
Foxitsoftware ≫ Foxit Reader Version6.1.4
Foxitsoftware ≫ Foxit Reader Version6.2
Foxitsoftware ≫ Foxit Reader Version6.2.1
Foxitsoftware ≫ Foxit Reader Version7.0
Foxitsoftware ≫ Foxit Reader Version7.0.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.19% | 0.864 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html
http://www.exploit-db.com/exploits/36390
http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25
http://www.securityfocus.com/bid/73432
http://www.securitytracker.com/id/1031879
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php