Command Injection Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files

Command Injection Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files

CVE-2018-19451 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. An attacker can leverage this to gain remote code execution.

Learn more about our Web Application Penetration Testing UK.