CVE-2015-2789

Exploit

EPSS 0.18%
Published 30.03.2015 14:59:09
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Foxitsoftware ≫ Foxit Reader Version6.1

Foxitsoftware ≫ Foxit Reader Version6.1.2

Foxitsoftware ≫ Foxit Reader Version6.1.4

Foxitsoftware ≫ Foxit Reader Version6.2

Foxitsoftware ≫ Foxit Reader Version6.2.1

Foxitsoftware ≫ Foxit Reader Version7.0

Foxitsoftware ≫ Foxit Reader Version7.0.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.18%	0.394

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html

Third Party Advisory

Exploit

VDB Entry

http://www.exploit-db.com/exploits/36390

Third Party Advisory

Exploit

VDB Entry

http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25

Patch

Vendor Advisory

http://www.securityfocus.com/bid/73432

http://www.securitytracker.com/id/1031879

Third Party Advisory

VDB Entry

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-2789

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2789

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2789

EUVD