PlotSoft PDFill PDF Editor Untrusted Search Path Vulnerability Network Vulnerability

Summary

This host is installed with PlotSoft PDFill PDF Editor and is prone to untrusted search path vulnerability.

Impact

Successful exploitation will allow local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory. Impact Level: Application

Solution

Upgrade to version 9.0 or later, For updates refer to http://www.pdfill.com/download.html

Insight

The flaw is due to untrusted search path vulnerability, which allows local users to gain privileges.

Affected

PlotSoft PDFill PDF Editor version 8.0

References

http://olex.openlogic.com/wazi/2011/pdfill-pdf-editor-8-0-medium/
http://www.security-database.com/detail.php?alert=CVE-2011-3690

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3690

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
Adobe Air Multiple Vulnerabilities June-2012 (Windows)
Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)

Take action and discover your vulnerabilities