Lucene search

[email protected]CVE-2011-3690

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-3690

2022-10-0316:15:07

[email protected]

web.nvd.nist.gov

cve-2011-3690

plotsoft

pdfill pdf editor

vulnerability

local users

privilege escalation

trojan horse

mfc70enu.dll

mfc80loc.dll

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory.

Affected configurations

NVD

Node

plotsoftpdfill_pdf_editorMatch8.0

CPENameOperatorVersion
plotsoft:pdfill_pdf_editorplotsoft pdfill pdf editoreq8.0

CPE	Name	Operator	Version
plotsoft:pdfill_pdf_editor	plotsoft pdfill pdf editor	eq	8.0

References

www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

Related for CVE-2011-3690

openvas2 prion1 nvd1 cvelist1