How severe is CVE-2023-37330?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-37330?

This is classified as CWE-749, which is a common weakness in software security.

CVE-2023-37330 - HIGH Severity | CVSS 7.8

Vulnerability Description

Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsText method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-20230.

Related Vulnerabilities

CVE-2018-19322

HIGH

CVSS:7.8(High)

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to re...

CWE-7492018

CVE-2020-12927

HIGH

CVSS:7.8(High)

A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2020-12928

HIGH

CVSS:7.8(High)

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2022-37365

HIGH

CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CWE-7492022

CVE-2023-27363

HIGH

CVSS:7.8(High)

Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF...

CWE-7492023

CVE-2023-27364

HIGH

CVSS:7.8(High)

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit ...

CWE-7492023