CVE-2018-3940

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.1.0.5096

Description A use-after-free issue exists in the JavaScript engine, allowing a specially crafted PDF document to trigger the reuse of a previously freed object in memory. This can be exploited if an attacker tricks a user into opening a malicious file.

Recommendations For Foxit PDF Reader version 9.1.0.5096, consider avoiding the use of the JavaScript engine in the PDF Reader until a patch is available. As a temporary workaround, refrain from opening PDF documents from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.