Vulnerabilities > CVE-2015-2789 - Unspecified vulnerability in Foxitsoftware Foxit Reader
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN foxitsoftware
exploit available
Summary
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
Exploit-Db
| description | Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege. CVE-2015-2789. Local exploit for windows platform |
| file | exploits/windows/local/36390.txt |
| id | EDB-ID:36390 |
| last seen | 2016-02-04 |
| modified | 2015-03-16 |
| platform | windows |
| port | |
| published | 2015-03-16 |
| reporter | LiquidWorm |
| source | https://www.exploit-db.com/download/36390/ |
| title | Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege |
| type | local |
References
- http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html
- http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html
- http://www.exploit-db.com/exploits/36390
- http://www.exploit-db.com/exploits/36390
- http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25
- http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25
- http://www.securityfocus.com/bid/73432
- http://www.securityfocus.com/bid/73432
- http://www.securitytracker.com/id/1031879
- http://www.securitytracker.com/id/1031879
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php