CVE-2018-19389

MEDIUM

Foxit Reader <9.3.0.10826 - DoS

Title source: llm

Description

FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (Break instruction exception and application crash) via BMP data because of a ConvertToPDF_x86!ConnectedPDF::ConnectedPDFSDK::FCP_SendEmailNotification issue.

References (3)

Core 3

Core References

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/153215

Exploit, Third Party Advisory x_refsource_misc

https://github.com/Yan-1-20/Yan-1-20.github.io/blob/master/2018/11/20/2018/11/2018-11-20/index.html

Broken Link x_refsource_misc

https://yan-1-20.github.io/2018/11/20/2018/11/2018-11-20/

Scores

CVSS v3 5.5

EPSS 0.0004

EPSS Percentile 12.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (1)

foxitsoftware/foxit_reader 9.3.0.10826

Published Nov 20, 2018

Tracked Since Feb 18, 2026