CVE-2018-3843

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.0.1.1049

Description A type confusion issue exists in the way Foxit PDF Reader parses files with associated file annotations. This can be triggered by a specially crafted PDF document, potentially leading to sensitive memory disclosure and possibly arbitrary code execution. An attacker must trick the user into opening the malicious file to exploit this issue. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Recommendations For Foxit PDF Reader version 9.0.1.1049, consider disabling the browser plugin extension to minimize the risk of exploitation until a patch is available. Avoid opening suspicious PDF documents from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.