CVE-2018-3842 in Foxitinformação

Sumário

de MITRE

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An attacker needs to trick the user to open a malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Talos

Reservar

02/01/2018

Divulgação

19/04/2018

Moderação

aceite

Entrada

VDB-116930

CPE

pronto

CWE

CWE-824 (confirmado)

CVSS

8.8 (NVD)

EPSS

0.04107

KEV

não

Atividades

muito baixo

Sector

Agriculture, Telecommunication, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-3842
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-3842
CVE Details	https://www.cvedetails.com/cve/CVE-2018-3842/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!