Lucene search
PRIOn knowledge basePRION:CVE-2017-10951HistoryAug 29, 2017 - 1:29 p.m.
Design/Logic Flaw
2017-08-2913:29:00
PRIOn knowledge base
www.prio-n.com
3
0.067 Low
EPSS
Percentile
93.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within app.launchURL method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4724.
| CPE | Name | Operator | Version |
|---|---|---|---|
| foxit_reader | eq | 8.3.0.14878 |
Related
zdi
zdi
cvelist
cvelist
CVE-2017-10951
2017-08-29 13:00:00
checkpoint_advisories
checkpoint_advisories
Foxit Reader PDF Command Injection Remote Code Execution (CVE-2017-10951)
2017-08-23 00:00:00
nvd
nvd
CVE-2017-10951
2017-08-29 13:29:00
cve
cve
CVE-2017-10951
2017-08-29 13:29:00
threatpost
threatpost
Foxit to Fix PDF Reader Zero Days by Friday
2017-08-22 12:33:26
myhack58
myhack58
nessus
nessus
Foxit Reader < 8.3.2 Multiple Vulnerabilities
2017-08-31 00:00:00
Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities
2017-08-31 00:00:00
thn
thn
Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader
2017-08-17 06:46:00
openvas
openvas
seebug
seebug
kaspersky
kaspersky
KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader
2017-08-17 00:00:00