KLA10026OAF vulnerability in Foxit

2014-05-24T00:00:00
ID KLA10026
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-12-04T00:00:00

Description

CVSS:

7.5

Detect date:

05/24/2014

Severity:

High

Description:

An XSS vulnerability was found in Foxit Reader, Foxit Enterprise Reader and Foxit PhantomPDF. By exploiting this vulnerability malicious users can overwrite registry entries and load malicious files. This vulnerability can be exploited locally at a point related to the Recent Documents section of the Start Page.

Affected products:

Foxit Reader versions 6.2.0.0429 and earlier
Foxit Enterprise Reader versions 6.2.0.0429 and earlier
Foxit PhantomPDF versions 6.2.0.0429 and earlier

Solution:

Update to latest version
Foxit PDF Reader

Original advisories:

Foxit bulletin

Related products:

Foxit Reader