Lucene search
HistoryMar 30, 2015 - 2:59 p.m.
CVE-2015-2789
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.1%
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.
Affected configurations
Node
foxitsoftwarefoxit_readerMatch6.1
ORfoxitsoftwarefoxit_readerMatch6.1.2
ORfoxitsoftwarefoxit_readerMatch6.1.4
ORfoxitsoftwarefoxit_readerMatch6.2
ORfoxitsoftwarefoxit_readerMatch6.2.1
ORfoxitsoftwarefoxit_readerMatch7.0
ORfoxitsoftwarefoxit_readerMatch7.0.6
References
Related
cve
cve
CVE-2015-2789
2015-03-30 14:59:09
cvelist
cvelist
CVE-2015-2789
2015-03-30 14:00:00
zeroscience
zeroscience
Foxit Reader 7.0.6.1126 Unquoted Service Path Elevation Of Privilege
2015-03-14 00:00:00
kaspersky
kaspersky
KLA10517 Privilege escalation in Foxit Reader
2015-03-30 00:00:00
openvas
openvas
Foxit Reader Cloud Plugin Windows Search Path Vulnerability
2015-04-07 00:00:00
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00
prion
prion
Design/Logic Flaw
2015-03-30 14:59:00
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.1%
Related for NVD:CVE-2015-2789