Security News > 2017 > August > Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)
2017-08-17 10:46
Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two zero-day critical security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered
News URL
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Palo Alto Networks tackles firewall-busting zero-days with critical patches (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-10951 | OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 8.8 |