History: Apr 15, 2024 - 12:00 a.m.

CVE-2024-32488

2024-04-15 00:00:00
mitre
github.com
foxit pdf reader
local privilege escalation
update checks
weak permissions
crafted dll files

AI Score: 7.2
Confidence: Low

SSVC
Exploitation: none
Automatable: no
Technical Impact: total

In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*"
    ],
    "vendor": "foxit",
    "product": "pdf_reader",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2023.3.0.23028"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*"
    ],
    "vendor": "foxit",
    "product": "pdf_editor",
    "versions": [
      {
        "status": "affected",
        "version": "11.0.0",
        "versionType": "custom",
        "lessThanOrEqual": "11.2.8.53842"
      },
      {
        "status": "affected",
        "version": "12.0.0",
        "versionType": "custom",
        "lessThanOrEqual": "12.1.4.15400"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*"
    ],
    "vendor": "foxit",
    "product": "pdf_editor",
    "versions": [
      {
        "status": "affected",
        "version": "13.0",
        "lessThan": "13.0.1.21693",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*"
    ],
    "vendor": "foxit",
    "product": "pdf_editor",
    "versions": [
      {
        "status": "affected",
        "version": "2023.0",
        "versionType": "custom",
        "lessThanOrEqual": "2023.3.0.23028"
      }
    ],
    "defaultStatus": "unknown"
  }
]
