{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-04-13T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8843", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35", "refsource": "CONFIRM", "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-640", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:29:22.073Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8843", "datePublished": "2016-04-13T15:00:00Z", "dateReserved": "2016-04-13T00:00:00Z", "dateUpdated": "2024-09-16T17:33:36.908Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBCF7F04-61D5-4710-967E-88ED852F39D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0CB6692-919F-4C38-B7D4-FDAA64ED2E9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "21F07967-599D-4A37-9940-42208E831C47", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5569F618-ACE5-45D5-AE13-4A77AAA3F334", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "99BEB81B-C9F5-4CCC-B4C9-4485901049D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6CC020B5-23C0-457C-B826-FF0468AFFD63", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "605010F1-65B7-432D-94ED-C74DA443163A", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1379798D-CADA-42DA-9FE7-469808CF55F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B823EB7C-16F1-43B7-8AA6-72D3AFD27FEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B8FA0F1-98C5-4E39-92EE-4143948081D7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption."}, {"lang": "es", "value": "El Foxit Cloud Update Service (FoxitCloudUpdateService) en Foxit Reader 6.1 hasta la versi\u00f3n 6.2.x y 7.x en versiones anteriores a 7.2.2, cuando una actualizaci\u00f3n para el plugin Cloud est\u00e1 disponible, permite a usuarios locales obtener privilegios escribiendo datos manipulados a una regi\u00f3n de memoria compartida, lo que desencadena una corrupci\u00f3n de memoria."}], "id": "CVE-2015-8843", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-13T15:59:10.727", "references": [{"source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}