CVE-2015-8843

The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.4 HIGH
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
foxitsoftwarefoxit_reader
6.1
foxitsoftwarefoxit_reader
6.1.2
foxitsoftwarefoxit_reader
6.1.4
foxitsoftwarefoxit_reader
6.2
foxitsoftwarefoxit_reader
6.2.1
foxitsoftwarefoxit_reader
7.0
foxitsoftwarefoxit_reader
7.0.1
foxitsoftwarefoxit_reader
7.0.6
foxitsoftwarefoxit_reader
7.1.5
foxitsoftwarefoxit_reader
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.zerodayinitiative.com/advisories/ZDI-15-640
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35
http://www.zerodayinitiative.com/advisories/ZDI-15-640
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35