CVE-2018-3962

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.1.0.5096

Description A use-after-free issue exists in the JavaScript engine. This can occur when accessing the CreationDate property of the this.info object. An attacker can exploit this by tricking a user into opening a malicious file. If the browser plugin extension is enabled, visiting a malicious site can also trigger the issue.

Recommendations For Foxit PDF Reader version 9.1.0.5096, consider disabling the JavaScript engine or the browser plugin extension as a temporary workaround until a patch is available. Avoid opening suspicious PDF files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.