CVE-2018-19444

A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19452, this has a different free location and requires different JavaScript code for exploitation.
References
Configurations

Configuration 1


Information

Published : 2019-06-17 08:15

Updated : 2019-06-18 03:40


NVD link : CVE-2018-19444

Mitre link : CVE-2018-19444

CWE