11 matches found
CVE-2011-10030
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
CVE-2011-10030 Foxit PDF Reader < 4.3.1.0218 JavaScript File Write
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
CVE-2011-10030
Foxit PDF Reader before 4.3.1.0218 is affected by CVE-2011-10030 due to a JavaScript API function createDataObject() that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into priv...
Foxit PDF Reader 安全漏洞
Foxit PDF Reader is a PDF reader from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 4.3.1.0218, which stems from a JavaScript API function createDataObject that allows writing to arbitrary files, potentially resulting in code execution...
CVE-2023-39506
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-39506
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-39506
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-39506 PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-39506 PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2023-39506
PDF-XChange Editor contains a Directory Traversal vulnerability in the createDataObject path validation, enabling arbitrary code execution via user-controlled paths. The flaw allows code execution in the current user context after the user visits a malicious page or opens a crafted file, requirin...
PDF-XChange Editor 安全漏洞
PDF-XChange Editor is a PDF file viewing software from PDF-XChange, Inc. that runs on Microsoft Windows systems. A security vulnerability exists in PDF-XChange Editor that originates from a createDataObject directory traversal remote code execution vulnerability...