How severe is CVE-2022-37365?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2022-37365?

This is classified as CWE-749, which is a common weakness in software security.

CVE-2022-37365 - HIGH Severity | CVSS 7.8

Vulnerability Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-17527.

Related Vulnerabilities

CVE-2018-19322

HIGH

CVSS:7.8(High)

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to re...

CWE-7492018

CVE-2020-12927

HIGH

CVSS:7.8(High)

A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2020-12928

HIGH

CVSS:7.8(High)

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2023-27363

HIGH

CVSS:7.8(High)

Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF...

CWE-7492023

CVE-2023-27364

HIGH

CVSS:7.8(High)

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit ...

CWE-7492023

CVE-2023-27365

HIGH

CVSS:7.8(High)

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit ...

CWE-7492023