CVE-2018-14442 — Use After Free in Foxit Reader

Severity

9.8CRITICALNVD

EPSS

5.0%

top 10.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 20

Latest updateMay 14

Description

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

GHSA

GHSA-fc35-gmq9-qpqf: Foxit Reader before 9↗2022-05-14

▶

CVEList

CVE-2018-14442: Foxit Reader before 9↗2018-07-20

▶

Bugzilla

CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c↗2018-02-26

▶