Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCERT-PLCVELIST:CVE-2024-3459
HistoryMay 09, 2024 - 10:13 a.m.

CVE-2024-3459

2024-05-0910:13:03
CWE-424
CERT-PL
raw.githubusercontent.com
4
kioware
windows
pdf
escape
vulnerability
viewer
web browser
user privileges

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.1%

JSON

KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently, launch any program with user privileges.

Related

cve 1
cve
cve
CVE-2024-3459
2024-05-14 15:41:12

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.1%

JSON
Related for CVELIST:CVE-2024-3459
cve1