CVE-2018-3939

🗓️ 01 Aug 2018 20:00:29Reported by talosType

Use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 allows arbitrary code execution via crafted PDF

Reporter	Title	Published	Views	Family All 12
Cvelist	CVE-2018-3939	1 Aug 201820:00	–	cvelist
Talos	Foxit PDF Reader Javascript createTemplate nPage Remote Code Execution Vulnerability	19 Jul 201800:00	–	talos
NVD	CVE-2018-3939	1 Aug 201820:29	–	nvd
Prion	Design/Logic Flaw	1 Aug 201820:29	–	prion
Tenable Nessus	Foxit PhantomPDF < 8.3.7 Multiple Vulnerabilities	30 Nov 201800:00	–	nessus
Tenable Nessus	Foxit Reader < 8.3.7 Multiple Vulnerabilities	22 Aug 201800:00	–	nessus
Tenable Nessus	Foxit Reader < 9.2 Multiple Vulnerabilities	27 Jul 201800:00	–	nessus
Tenable Nessus	Foxit PhantomPDF < 9.2 Multiple Vulnerabilities	27 Jul 201800:00	–	nessus
Talos Blog	Vulnerability Spotlight: Foxit PDF Reader JavaScript Remote Code Execution Vulns	19 Jul 201810:52	–	talosblog
Kaspersky	KLA11314 Multiple vulnerabilities in Foxit Reader	19 Jul 201800:00	–	kaspersky

Nvd

Vulners

Node

foxitsoftware foxit_readerRange≤9.1.0.5096

foxitsoftware phantompdfRange≤9.1.0.5096

AND

microsoft windowsMatch-

[
  {
    "product": "Foxit",
    "vendor": "Foxit",
    "versions": [
      {
        "status": "affected",
        "version": "Foxit Software Foxit PDF Reader 9.1.0.5096"
      }
    ]
  }
]

Source	Link
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2018-0606
foxitsoftware	www.foxitsoftware.com/support/security-bulletins.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Aug 2018 20:29Current

8.7High risk

Vulners AI Score8.7

CVSS26.8

CVSS38 - 8.8

EPSS0.0522

CWE-416