CVE-2018-3843

high-risk

Published 2018-04-19

An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, and possibly to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Do I need to act?

33.7% chance of exploitation in next 30 days

EPSS score — higher than 66% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (1)

Foxit Reader

Affected Vendors

Foxitsoftware

References (6)

Broken Link http://www.securityfocus.com/bid/103942

Broken Link http://www.securitytracker.com/id/1040733

Exploit https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0526

Broken Link http://www.securityfocus.com/bid/103942

Broken Link http://www.securitytracker.com/id/1040733

Exploit https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0526

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 16/34 · Moderate

Exposure 5/34 · Minimal