The next time you open the file, you’ll have to find your place again. Solution Upgrade to Foxit PDF Reader version 11.2.This can be frustrating if you were in the middle of reading a long PDF file and you have to shut down your computer. (CVE-2018-1285) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.
(CVE-2021-44740, CVE-2021-44741) - Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. Exploitation of this issue requires user interaction in that a victim must open a malicious file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. (CVE-2021-44708, CVE-2021-44709) - Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. It is, therefore affected by multiple vulnerabilities: - Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Synopsis A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities Description According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 11.2.1.
0 kommentar(er)
