Use After Free Vulnerability in Foxit Reader SDK ActiveX
CVE-2018-19452
7.8HIGH
What is CVE-2018-19452?
An attacker could exploit a use after free condition in the TextBox field's Mouse Enter action within the Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. This vulnerability allows attackers to execute arbitrary code remotely by leveraging specially crafted PDF files, marking a significant security risk for users of the affected product. The exploitation technique differs from related vulnerabilities, requiring unique JavaScript code to trigger the flaw effectively.