CVE-2024-38393

high

Description

Remote exploitation of a design error vulnerability in Foxit’s PDF Reader and PDF Editor could allow an attacker to gain escalated privileges on the targeted host. A design error vulnerability exists in PDF Reader and PDF Editor. This error occurs due to improper resource permissions, signature validation, certificate checks, weak randomness in temporary folder names, or DLL loading without a manifest file.

Details

Source: Mitre, NVD

Published: 2024-09-26

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics