exploitDog

GHSA-2pj4-mr9m-qwww

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \192.168.0.2\C$\file.pdf without user interaction.

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \192.168.0.2\C$\file.pdf without user interaction.

Ссылки

EPSS

Процентиль: 84%

0.02302

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2019-17497

CVSS3: 6.5

nvd

больше 6 лет назад

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.

EPSS

Процентиль: 84%

0.02302

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-522