CVE-2015-2789

Foxit Reader <7.0.6.1126 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2789. PoCs published by LiquidWorm.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in Foxit Reader's 'FoxitCloudUpdateService', which could allow local privilege escalation if an attacker can place an executable in the system root path.

Description

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/36390

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in Foxit Reader's 'FoxitCloudUpdateService', which could allow local privilege escalation if an attacker can place an executable in the system root path.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Foxit Reader 7.0.6.1126 and 6.1

Auth required

Prerequisites: Local access to the system · Ability to write to the system root path

MITRE ATT&CK