Описание
In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
EPSS
8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
Уязвимость программы для просмотра текста Foxit Reader и программы редактирования PDF-файлов Foxit PhantomPDF, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
EPSS
8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2