Vulnerabilities > Foxitsoftware > Foxit PDF SDK Activex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-17 | CVE-2018-19450 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. | 6.8 |
| 2019-06-17 | CVE-2018-19449 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. | 6.8 |
| 2019-06-17 | CVE-2018-19448 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. | 6.8 |
| 2019-06-17 | CVE-2018-19447 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing the URI string. | 6.8 |
| 2019-06-17 | CVE-2018-19446 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. | 6.8 |
| 2019-06-17 | CVE-2018-19445 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. | 6.8 |
| 2019-06-17 | CVE-2018-19444 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 6.8 |
| 2019-06-07 | CVE-2018-19452 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 6.8 |
| 2019-06-07 | CVE-2018-19451 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. | 6.8 |
| 2014-10-17 | CVE-2014-8074 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Foxitsoftware Foxit PDF SDK Activex Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables. | 6.8 |