CVE-2018-19448

In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. By opening a specially crafted document, an attacker can trigger an out of bounds write condition, possibly leveraging this to gain remote code execution.
References
Configurations

Configuration 1


Information

Published : 2019-06-17 08:15

Updated : 2019-06-18 04:17


NVD link : CVE-2018-19448

Mitre link : CVE-2018-19448

CWE