In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. By opening a specially crafted document, an attacker can trigger an out of bounds write condition, possibly leveraging this to gain remote code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T11:37:11.396Z

Reserved: 2018-11-22T00:00:00

Link: CVE-2018-19448

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-17T20:15:09.807

Modified: 2024-11-21T03:57:56.517

Link: CVE-2018-19448

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.