View RSS Feed

c0dist

  1. (CVE-2016-8856) Foxit Reader for Linux and Mac: Local Privilege Escalation Writeup

    Hi guys,

    Recently, I stumbled on a very simple bug in Foxit Reader for Mac and Linux (From here on, just Foxit Reader). The vulnerability was caused by improper file permissions granted on core Foxit Reader's files on Linux and Mac systems. An attacker with a low privilege access could've exploited this vulnerability to elevate their privileges, execute commands as a higher privileged user, or both.

    The version affected were:

    Foxit Reader for Mac 2.1.0.0804 ...
    Tags: -1' Add / Edit Tags
    Categories
    Uncategorized