Security News > 2017 > August > Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)
2017-08-17 10:46
Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two zero-day critical security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered
News URL
Related news
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218) (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Windows driver zero-day exploited by Lazarus hackers to install rootkit (source)
- Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access (source)
- Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
- Hackers are exploiting critical bug in LiteSpeed Cache plugin (source)
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- South Korean hackers exploited WPS Office zero-day to deploy malware (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-29 | CVE-2017-10951 | OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 6.8 |