2 matches found
Mozilla Firefox and Firefox ESR updater.exe Privilege Bypass Vulnerability
Mozilla Firefox is an open source web browser. A security vulnerability exists in the Mozilla Firefox updater.exe file that allows local attackers to perform a symbolic link attack to write arbitrary files at program startup...
Foxit PDF Reader 4.2 Javascript File Write
This module exploits an unsafe Javascript API implemented in Foxit PDF Reader version 4.2. The createDataObject Javascript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218. Note: This exploit uses the All Users directory currently, whi...