Command Injection Vulnerability in Foxit Reader SDK by Foxit Software
CVE-2018-19450
7.8HIGH
What is CVE-2018-19450?
A command injection vulnerability exists in Foxit Reader SDK's ActiveX component when handling specially crafted PDF files. An attacker can exploit this flaw by crafting a PDF that triggers a launch action, potentially leading to remote code execution. This can allow unauthorized access and control over the affected system, posing significant security risks for users of the SDK.