Vulnerabilities > CVE-2020-14425 - Unspecified vulnerability in Foxitsoftware Foxit Reader 9.7.1.29511/9.7.2.29539
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
foxitsoftware
Summary
Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |