A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution
Reporter | Title | Published | Views | Family All 10 |
---|---|---|---|---|
NVD | CVE-2018-19444 | 17 Jun 201920:15 | – | nvd |
NVD | CVE-2018-19452 | 7 Jun 201917:29 | – | nvd |
CVE | CVE-2018-19444 | 17 Jun 201920:15 | – | cve |
Cvelist | CVE-2018-19452 | 7 Jun 201916:49 | – | cvelist |
Cvelist | CVE-2018-19444 | 17 Jun 201919:46 | – | cvelist |
Prion | Remote code execution | 7 Jun 201917:29 | – | prion |
Prion | Remote code execution | 17 Jun 201920:15 | – | prion |
Source Incite | SRC-2019-0001 : Foxit Reader SDK ActiveX Pro TextBox Field Mouse Enter Use-After-Free Remote Code Execution Vulnerability | 20 Nov 201800:00 | – | srcincite |
Source Incite | SRC-2019-0002 : Foxit Reader SDK ActiveX Pro TextBox Field Validate Use-After-Free Remote Code Execution Vulnerability | 20 Nov 201800:00 | – | srcincite |
Tenable Nessus | Foxit PDF SDK ActiveX < 5.5.1 Multiple Vulnerabilities | 14 Jun 201900:00 | – | nessus |
Source | Link |
---|---|
securityfocus | www.securityfocus.com/bid/108692 |
foxitsoftware | www.foxitsoftware.com/support/security-bulletins.php |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo