Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unidocs ezPDF DRM Reader/ezPDF Reader SHFOLDER.dll uncontrolled search path
Vulnerability Description
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit is publicly available and might be used. Upgrading the affected component is recommended. The vendor explains: "[W]e have already addressed similar DLL search path vulnerability patterns through prior security updates. (...) Users are advised to use the latest version provided by the vendor."
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Unidocs ezPDF DRM Reader和Unidocs ezPDF Reader 代码问题漏洞
Vulnerability Description
Unidocs ezPDF DRM Reader和Unidocs ezPDF Reader都是韩国Unidocs公司的一个PDF阅读器。 Unidocs ezPDF DRM Reader和Unidocs ezPDF Reader 2.0版本、3.0.0.4版本存在代码问题漏洞,该漏洞源于库SHFOLDER.dll中搜索路径不受控制,可能导致本地攻击。
CVSS Information
N/A
Vulnerability Type
N/A