[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99536

 
 

909

 
 

80128

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2015-8843

Date: (C)2016-04-28   (M)2017-12-07 


The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption.

CVSS Score: 6.9Access Vector: LOCAL
Exploit Score: 3.4Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
http://www.zerodayinitiative.com/advisories/ZDI-15-640
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35

CPE    1
cpe:/a:foxitsoftware:foxit_reader:6.1
CWE    1
CWE-119
OVAL    1
oval:org.secpod.oval:def:34007

© 2013 SecPod Technologies