CVE-2018-3946

Name of the Vulnerable Software and Affected Versions Foxit Software's PDF Reader version 9.1.0.5096

Description A use-after-free issue in the JavaScript engine of Foxit Software's PDF Reader can be triggered by a specially crafted PDF document, allowing arbitrary code execution. This can occur when a user opens a malicious file. If the browser plugin extension is enabled, visiting a malicious site can also trigger the issue.

Recommendations For Foxit Software's PDF Reader version 9.1.0.5096, consider disabling the JavaScript engine as a temporary workaround until a patch is available. Avoid opening suspicious PDF files from untrusted sources to minimize the risk of exploitation. If the browser plugin extension is enabled, restrict access to potentially malicious sites to reduce the risk.