Security Advisory

CVE-2018-3959

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-02 21:00:00

Last updated 2024-09-16 18:44:44

Assigner talos

State PUBLISHED

Description

A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Author property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

← Browse all CVEs View on cve.org ↗