CVE-2018-3944

Name of the Vulnerable Software and Affected Versions Foxit Software's PDF Reader version 9.1.0.5096

Description A use-after-free issue in the JavaScript engine of Foxit Software's PDF Reader can be exploited by opening a specially crafted PDF document, potentially leading to arbitrary code execution. An attacker must trick the user into opening the malicious file to trigger this issue. If the browser plugin extension is enabled, visiting a malicious site can also trigger the issue.

Recommendations For Foxit Software's PDF Reader version 9.1.0.5096, consider disabling the JavaScript engine in the PDF Reader as a temporary workaround until a patch is available. Additionally, disabling the browser plugin extension can help minimize the risk of exploitation.