CVE-2015-2789 - Vulnerability Details - OpenCVE

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Foxitsoftware	Foxit Reader

Configuration 1 [-]

OR	cpe:2.3:a:foxitsoftware:foxit_reader:6.1:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:6.1.2:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:6.1.4:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:6.2:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:6.2.1:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:7.0:::::::*
	cpe:2.3:a:foxitsoftware:foxit_reader:7.0.6:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html
http://www.exploit-db.com/exploits/36390
http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25
http://www.securityfocus.com/bid/73432
http://www.securitytracker.com/id/1031879
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-03-30T14:00:00

Updated: 2024-08-06T05:24:38.900Z

Reserved: 2015-03-30T00:00:00

Link: CVE-2015-2789

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-03-30T14:59:09.053

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-2789

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-01T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "73432", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/73432"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"}, {"name": "1031879", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031879"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"}, {"name": "36390", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/36390"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2789", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "73432", "refsource": "BID", "url": "http://www.securityfocus.com/bid/73432"}, {"name": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"}, {"name": "1031879", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031879"}, {"name": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25", "refsource": "CONFIRM", "url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"}, {"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php", "refsource": "MISC", "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"}, {"name": "36390", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/36390"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:24:38.900Z"}, "title": "CVE Program Container", "references": [{"name": "73432", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/73432"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"}, {"name": "1031879", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1031879"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"}, {"name": "36390", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/36390"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2789", "datePublished": "2015-03-30T14:00:00", "dateReserved": "2015-03-30T00:00:00", "dateUpdated": "2024-08-06T05:24:38.900Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBCF7F04-61D5-4710-967E-88ED852F39D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0CB6692-919F-4C38-B7D4-FDAA64ED2E9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "21F07967-599D-4A37-9940-42208E831C47", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5569F618-ACE5-45D5-AE13-4A77AAA3F334", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "99BEB81B-C9F5-4CCC-B4C9-4485901049D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6CC020B5-23C0-457C-B826-FF0468AFFD63", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1379798D-CADA-42DA-9FE7-469808CF55F3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."}, {"lang": "es", "value": "Vulnerabilidad de b\u00fasqueda de ruta en Windows sin entrecomillar en el servicio de actualizaciones seguras Foxit Cloud en el plugin Cloud en Foxit Reader 6.1 hasta 7.0.6.1126 permite a usuarios locales ganar privilegios a trav\u00e9s de un programa troyano en la carpeta %SYSTEMDRIVE%."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/426.html\">CWE-426: Untrusted Search Path</a>", "id": "CVE-2015-2789", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-03-30T14:59:09.053", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/36390"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/73432"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1031879"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/36390"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/73432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1031879"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}