![]() It may be suggested to replace the affected object with an alternative product. There is no information about possible countermeasures known. ![]() During that time the estimated underground price was around $0-$5k. Flip PDF Professional is a powerful feature-rich flip book maker with page edit. ![]() The vulnerability was handled as a non-public zero-day exploit for at least 1 days. Flipbuilder Flip Pdf Professional v2.4.6.4 Multilingual 110.96 MB. (PRUnderground) October 22nd, 2021 E-books are increasingly popular, often out-selling printed versions. MITRE ATT&CK project uses the attack technique T1059.007 for this issue. Flip PDF Plus Pro is an innovative way to convert PDF to eBook with a polished finish. Interactive Elements: Add advertising videos, audio (voice assistant), Table of Contents, and other elements to create a more attractive look and. Ready-to-use Templates: Get access to a library of pre-made templates, themes, and dynamic scenes. Technical details are known, but no exploit is available. Key Features: PDF to HTML5 Flipbooks: Convert PDFs to interactive digital flipbooks in a few seconds. It demands that the victim is doing some kind of user interaction. No form of authentication is needed for exploitation. It is possible to initiate the attack remotely. ![]() This vulnerability is uniquely identified as CVE-2017-7384. The summary by CVE is:Ĭross-site scripting (XSS) vulnerability in FlipBuilder Flip PDF allows remote attackers to inject arbitrary web script or HTML via the currentHTMLURL parameter. This would alter the appearance and would make it possible to initiate further attacks against site visitors. An attacker might be able to inject arbitrary html and script code into the web site. This is going to have an impact on integrity. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. The manipulation of the argument currentHTMLURL with an unknown input leads to a cross site scripting vulnerability. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability classified as problematic has been found in FlipBuilder Flip PDF ( the affected version unknown). The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 Comments
Leave a Reply. |