First published: Mon Jun 17 2019(Updated: )
A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Foxitsoftware Foxit Pdf Sdk Activex | <=5.5.0 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.