Security News > 2017 > August > Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)
2017-08-17 10:46
Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two zero-day critical security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered
News URL
Related news
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-10951 | OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 8.8 |