Kaspersky LabKLA10517KLA10517 Privilege escalation in Foxit Reader
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.1%
Search path vulnerability was found in Foxit Reader Cloud plugin. By exploiting this vulnerability malicious users gain privileges. This vulnerability can be exploited locally via files manipulation.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
CVE-2015-2789 warning
Solution
Update to the latest version
Impacts
- PE
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Affected Products
- Foxit Reader versions from 6.1 to 7.0.6.1126
Related
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
25.1%