First published: Thu May 09 2024(Updated: )
KioWare for Windows (versions all through 8.34) allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently, launch any program with user privileges.
Credit: cvd@cert.pl
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.