Описание
A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.5.0 (включая)
Одновременно
cpe:2.3:a:foxitsoftware:foxit_pdf_sdk_activex:*:*:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00354
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution.
EPSS
Процентиль: 57%
0.00354
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-732