Security News > 2017 > August > Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)

Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)
2017-08-17 10:46

Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two zero-day critical security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/BcuzGrO3-XY/two-critical-zero-day-flaws-disclosed.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-10951 OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-78
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Foxit 5 6 17 122 4 149