CVE-2014-8074
Foxit PDF SDK ActiveX 2.3-5.0.1820 - Remote Code Execution via SetLogFile Method Buffer Overflow
Title source: llmDescription
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.foxitsoftware.com/support/security_bulletins.php#FRD-22
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-362/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/70608
Scores
EPSS
0.0306
EPSS Percentile
86.9%
Details
CWE
CWE-119
Status
published
Products (5)
foxitsoftware/foxit_pdf_sdk_activex
2.3
foxitsoftware/foxit_pdf_sdk_activex
3.0
foxitsoftware/foxit_pdf_sdk_activex
4.0
foxitsoftware/foxit_pdf_sdk_activex
5.0.0
foxitsoftware/foxit_pdf_sdk_activex
5.0.1.820
Published
Oct 17, 2014
Tracked Since
Feb 18, 2026