Remote Code Execution Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files

CVE-2018-19446 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution.

Learn more about our Api Penetration Testing.