8.4
CVE-2024-25858
- EPSS 0.07%
- Veröffentlicht 05.03.2024 21:15:09
- Zuletzt bearbeitet 23.05.2025 14:45:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Foxit ≫ Pdf Editor Version < 2024.4
Foxit ≫ Pdf Reader Version < 2024.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.214 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-450 Multiple Interpretations of UI Input
The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation.