VYPR

Foxit Reader SDK (ActiveX) Professional

by Foxitsoftware

CVEs (7)

  • CVE-2018-19444Jun 17, 2019
    risk 0.00cvss epss 0.02

    A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a…

  • CVE-2018-19445Jun 17, 2019
    risk 0.00cvss epss 0.03

    A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution.

  • CVE-2018-19446Jun 17, 2019
    risk 0.00cvss epss 0.02

    A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution.

  • CVE-2018-19448Jun 17, 2019
    risk 0.00cvss epss 0.02

    In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. By opening a specially crafted document, an attacker can trigger an out of bounds write…

  • CVE-2018-19449Jun 17, 2019
    risk 0.00cvss epss 0.02

    A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. An attacker can leverage this to gain remote code execution.

  • CVE-2018-19451Jun 7, 2019
    risk 0.00cvss epss 0.03

    A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. An attacker can leverage this to gain remote code execution.

  • CVE-2018-19452Jun 7, 2019
    risk 0.00cvss epss 0.03

    A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has…