How severe is CVE-2019-5031?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2019-5031?

This is classified as CWE-703, which is a common weakness in software security.

CVE-2019-5031 - HIGH Severity | CVSS 8.8

Vulnerability Description

An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn't handled properly, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Related Vulnerabilities

CVE-2023-45927

CRITICAL

CVSS:9.1(Critical)

S-Lang 2.3.2 was discovered to contain an arithmetic exception via the function tt_sprintf().

CWE-7032023

CVE-2024-27832

CRITICAL

CVSS:9.1(Critical)

The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges.

CWE-7032024

CVE-2024-37995

LOW

CVSS:9.1(Critical)

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF6...

CWE-7032024

CVE-2024-21525

HIGH

CVSS:8.3(High)

All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being checked. Creating a new twain.TwainSDK with...

CWE-7032024

CVE-2018-12551

HIGH

CVSS:8.1(High)

When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means ...

CWE-7032018

CVE-2024-10781

HIGH

CVSS:8.1(High)

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'api_key' value in the...

CWE-7032024