Lucene search
Steven Seeley (mr_me) of Offensive SecurityZDI-17-459HistoryJul 07, 2017 - 12:00 a.m.
Foxit Reader setItem Use-After-Free Remote Code Execution Vulnerability
2017-07-0700:00:00
Steven Seeley (mr_me) of Offensive Security
www.zerodayinitiative.com
11
0.028 Low
EPSS
Percentile
90.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setItem function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
cve
cve
CVE-2017-10946
2017-10-31 19:29:00
nvd
nvd
CVE-2017-10946
2017-10-31 19:29:00
cvelist
cvelist
CVE-2017-10946
2017-10-31 19:00:00
prion
prion
Design/Logic Flaw
2017-10-31 19:29:00
openvas
openvas
kaspersky
kaspersky
KLA11031 Multiple vulnerabilities in Foxit Reader
2017-05-05 00:00:00
nessus
nessus
Foxit PhantomPDF < 8.3.1 Multiple Vulnerabilities
2017-07-13 00:00:00
Foxit Reader < 8.3.1 Multiple Vulnerabilities
2017-07-13 00:00:00