CVE-2018-9948

🗓️ 17 May 2018 15:02:29Reported by zdiType

Vulnerability in Foxit Reader 9.0.0.29935 allows remote attackers to disclose sensitive info via a malicious page or file

Reporter	Title	Published	Views	Family All 18
Zero Day Initiative	Foxit Reader Typed Array Uninitialized Pointer Information Disclosure Vulnerability	20 Apr 201800:00	–	zdi
Check Point Advisories	Foxit Reader PDF Use After Free Code Execution (CVE-2018-9948)	5 Jul 201800:00	–	checkpoint_advisories
Cvelist	CVE-2018-9948	17 May 201815:00	–	cvelist
NVD	CVE-2018-9948	17 May 201815:29	–	nvd
Prion	Design/Logic Flaw	17 May 201815:29	–	prion
Exploit DB	Foxit Reader 9.0.1.1049 - Remote Code Execution	25 Jun 201800:00	–	exploitdb
Exploit DB	Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)	7 Aug 201800:00	–	exploitdb
Exploit DB	Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)	27 Aug 201800:00	–	exploitdb
0day.today	Foxit Reader 9.0.1.1049 - Remote Code Execution Exploit	25 Jun 201800:00	–	zdt
0day.today	Foxit PDF Reader 9.0.1.1049 Pointer Overwrite Use-After-Free Exploit	24 Aug 201800:00	–	zdt

Nvd

Vulners

Node

foxitsoftware foxit_readerRange≤9.0.1.1049

foxitsoftware phantompdfRange≤9.0.1.1049

[
  {
    "product": "Foxit Reader",
    "vendor": "Foxit",
    "versions": [
      {
        "status": "affected",
        "version": "9.0.0.29935"
      }
    ]
  }
]

Source	Link
exploit-db	www.exploit-db.com/exploits/45269/
foxitsoftware	www.foxitsoftware.com/support/security-bulletins.php
exploit-db	www.exploit-db.com/exploits/44941/
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-18-332

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 May 2018 15:29Current

7.1High risk

Vulners AI Score7.1

CVSS24.3

CVSS36.5

EPSS0.28497