CVE-2018-3997

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader version 9.2.0.9297

Description A use-after-free issue in the JavaScript engine of Foxit PDF Reader can be triggered by a specially crafted PDF document, potentially leading to arbitrary code execution. An attacker must trick the user into opening the malicious file to exploit this issue. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Recommendations For Foxit PDF Reader version 9.2.0.9297, consider disabling the JavaScript engine as a temporary workaround until a patch is available. Restrict access to malicious PDF files and avoid visiting untrusted websites with the browser plugin extension enabled to minimize the risk of exploitation.