Vulnerabilities > Foxitsoftware > Foxit PDF SDK Activex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-17 | CVE-2018-19450 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. | 7.8 |
| 2019-06-17 | CVE-2018-19449 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. | 7.8 |
| 2019-06-17 | CVE-2018-19448 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. | 7.8 |
| 2019-06-17 | CVE-2018-19447 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing the URI string. | 7.8 |
| 2019-06-17 | CVE-2018-19446 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. | 7.8 |
| 2019-06-17 | CVE-2018-19445 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. | 7.8 |
| 2019-06-17 | CVE-2018-19444 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 7.8 |
| 2019-06-07 | CVE-2018-19452 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 7.8 |
| 2019-06-07 | CVE-2018-19451 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex 5.4.0.1031/5.5.0 A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. | 7.8 |