Untrusted Search Path
CVE-2011-3691
Summary
Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory.
- MEDIUM
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
CWE-426 - Untrusted Search Path
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
References
Advisory Timeline
- Published