CVE-2018-3945

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.1.0.5096

Description A use-after-free issue in the JavaScript engine of Foxit PDF Reader can be exploited by opening a specially crafted PDF document, allowing arbitrary code execution. This can happen when a previously freed object in memory is reused. An attacker would need to trick a user into opening the malicious file to trigger this issue.

Recommendations For Foxit PDF Reader version 9.1.0.5096, consider avoiding the use of the JavaScript engine in the PDF reader until a patch is available. As a temporary workaround, refrain from opening PDF documents from untrusted sources to minimize the risk of exploitation.