Object Initialization Flaw in Foxit Reader SDK ActiveX Control
CVE-2018-19448
7.8HIGH
What is CVE-2018-19448?
An uninitialized object in the Foxit Reader SDK ActiveX control can be exploited when embedding the control into Microsoft Office documents. This issue allows attackers to trigger an out-of-bounds write condition by opening a specially crafted document, potentially leading to unauthorized remote code execution. Users of Foxit Reader SDK should ensure they are using updated versions to mitigate this security risk.