CVE-2018-3924

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.1.5096

Description A use-after-free issue exists in the JavaScript engine, allowing arbitrary code execution when a specially crafted PDF document is opened. This can be triggered by tricking a user into opening a malicious file. If the browser plugin extension is enabled, visiting a malicious site can also exploit this issue.

Recommendations For Foxit PDF Reader version 9.1.5096, consider disabling the JavaScript engine as a temporary workaround until a patch is available. Restrict access to malicious PDF files and avoid visiting untrusted websites with the browser plugin extension enabled.