Unrated severityNVD Advisory· Published Jan 30, 2019· Updated Sep 16, 2024
CVE-2018-3956
CVE-2018-3956
Description
An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when coupled with another vulnerability. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 9.1.0.5096
- Foxit/Foxitv5Range: Foxit Software PDF Reader 9.1.0.5096.
Patches
Vulnerability mechanics
References
1- www.talosintelligence.com/vulnerability_reports/TALOS-2018-0626mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.