Security News > 2017 > August > Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader (The Hackers News)
2017-08-17 10:46
Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two zero-day critical security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in the Safe Reading Mode. The first vulnerability (CVE-2017-10951) is a command injection bug discovered
News URL
Related news
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (source)
- Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- MITRE says state hackers breached its network via Ivanti zero-days (source)
- Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks (source)
- Russian Sandworm hackers targeted 20 critical orgs in Ukraine (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-10951 | OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 6.8 |