CVE-2016-8856— Foxit Reader 安全漏洞

N/A

Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. After the installation, Foxit Reader's core files were world-writable by default, allowing an attacker to overwrite them with backdoor code, which when executed by privileged user would result in Privilege Escalation, Code Execution, or both.

N/A

N/A

Foxit Reader 安全漏洞

Foxit Reader是中国福昕（Foxit）软件公司的一款PDF文档阅读器。 Foxit Reader for Mac 2.1.0.0804及之前的版本和Foxit Reader for Linux 2.1.0.0805及之前的版本存在安全漏洞，该漏洞源于程序对内核文件使用默认的全局可写权限。攻击者可利用该漏洞覆盖文件，执行任意代码。

N/A

N/A