Skip to main content

Foxit Reader CVE-2012-4759

MEDIUM
2012-09-06 cve@mitre.org
6.9
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Sep 06, 2012 - 10:41 cve.org
MEDIUM 6.9

DescriptionCVE.org

Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.

AnalysisAI

Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current. Rated medium severity (CVSS 6.9). No vendor patch available.

Technical ContextAI

Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. Affected products include: Foxitsoftware Foxit Reader.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2015-2790 MEDIUM POC
4.3 Mar 30

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory c

CVE-2018-9958 HIGH POC
8.8 May 17

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1

CVE-2017-10952 HIGH POC
8.8 Aug 29

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2

CVE-2018-9948 MEDIUM POC
6.5 May 17

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader

CVE-2023-40194 HIGH POC
8.8 Nov 27

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due

CVE-2023-39542 HIGH POC
8.8 Nov 27

A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. Rated high severity (CV

CVE-2023-38573 HIGH POC
8.8 Nov 27

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. Rated high severit

CVE-2023-35985 HIGH POC
8.8 Nov 27

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due

CVE-2023-32616 HIGH POC
8.8 Nov 27

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. Rated high severity (

CVE-2021-21822 HIGH POC
8.8 May 10

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. Rat

CVE-2020-13547 HIGH POC
8.8 Dec 22

A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.3752

CVE-2020-13570 HIGH POC
8.8 Dec 22

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. Rat

Share

CVE-2012-4759 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy