Lucene search

[email protected]CVE-2017-5364

HistoryJan 13, 2017 - 9:59 a.m.

CVE-2017-5364

2017-01-1309:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-5364

memory corruption

foxit pdf toolkit

dos

remote code execution

vulnerability

pdf

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.0%

JSON

Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Service and Remote Code Execution when the victim opens the specially crafted PDF file. The Vulnerability has been fixed in v2.0.

Affected configurations

NVD

Node

foxitsoftwarefoxit_pdf_toolkitMatch1.3

CPENameOperatorVersion
foxitsoftware:foxit_pdf_toolkitfoxitsoftware foxit pdf toolkiteq1.3

CPE	Name	Operator	Version
foxitsoftware:foxit_pdf_toolkit	foxitsoftware foxit pdf toolkit	eq	1.3

References

www.securityfocus.com/bid/95356

www.foxitsoftware.com/support/security-bulletins.php

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.0%

JSON

Related for CVE-2017-5364

cvelist1 nvd1 openvas1 prion1