CVE-2014-8074 – Foxit ActiveX Pro SDK SetLogFile Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2014-8074

14 Oct 2014 — Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables. Desbordamiento de buffer en el método SetLogFile en Foxit.FoxitPDFSDKProCtrl.5 de Foxit PDF SDK ActiveX 2.3 hasta 5.0.1820 anteriores a 5.0.2.924 permite a atacantes remotos ejecutar código arbitrario a través de una larga cadena, relacionado con variables globales. This vulnerab... • http://www.foxitsoftware.com/support/security_bulletins.php#FRD-22 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •