45 matches found
CVE-2018-19444
A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...
CVE-2018-19445
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19447
A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK ActiveX 5.4.0.1031 when parsing the URI string. An attacker can leverage this to gain remote code execution...
EUVD-2018-11134
Malware in sbrugna...
EUVD-2018-11138
Malware in sbrugna...
EUVD-2018-11140
Malware in sbrugna...
EUVD-2018-11142
Malware in sbrugna...
CVE-2018-19452
A use after free in the TextBox field Mouse Enter action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free...
CVE-2018-19446
A File Write can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19445
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19444
A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...
CVE-2018-19450
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX 5.4.0.1031 when parsing a launch action. An attacker can leverage this to gain remote code execution...
CVE-2018-19444
A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...
CVE-2018-19445
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19446
A File Write can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19448
In Foxit Reader SDK ActiveX Professional 5.4.0.1031, an uninitialized object in IReaderContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. By opening a specially crafted document, an attacker can trigger an out of bounds write condition, possibly leveragin...
CVE-2018-19449
A File Write can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. An attacker can leverage this to gain remote code execution...
CVE-2018-19450
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX 5.4.0.1031 when parsing a launch action. An attacker can leverage this to gain remote code execution...
Remote code execution
A use after free in the TextBox field Validate action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free locatio...
Command injection
A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution...