CVE-2017-12892
HIGHFoxit PDF Compressor 7.0.0.183-7.7.2.10 - DLL Preloading via Installer Current Working Directory
Title source: llmDescription
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.foxitsoftware.com/support/security-bulletins.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/100414
Scores
CVSS v3
7.8
EPSS
0.0348
EPSS Percentile
87.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-426
Status
published
Products (1)
foxitsoftware/pdf_compressor
Published
Aug 16, 2017
Tracked Since
Feb 18, 2026