Command Injection Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via app.launchURL JavaScript API
CVE-2018-19445 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution.
Learn more about our Api Penetration Testing.