VYPR
Unrated severityNVD Advisory· Published Jan 30, 2019· Updated Sep 16, 2024

CVE-2018-3956

CVE-2018-3956

Description

An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when coupled with another vulnerability. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: = 9.1.0.5096
  • Foxit/Foxitv5
    Range: Foxit Software PDF Reader 9.1.0.5096.

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.