CVE-2018-9958

HIGH

Foxitsoftware Foxit Reader < 9.0.1.1049 - Use After Free

Title source: rule

Description

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.

Exploits (5)

nomisec NO CODE 1 stars
by t3rabyt3-zz · poc
https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit
exploitdb WORKING POC
by CrossWire · pythonlocalwindows
https://www.exploit-db.com/exploits/49116
exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/45269
exploitdb WORKING POC VERIFIED
by mr_me · textremotewindows
https://www.exploit-db.com/exploits/44941
metasploit WORKING POC NORMAL
by mr_me, bit from meepwn, saelo, Jacob Robles · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/foxit_reader_uaf.rb

References (5)

Scores

CVSS v3 8.8
EPSS 0.8646
EPSS Percentile 99.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-416
Status published

Affected Products (2)

foxitsoftware/foxit_reader < 9.0.1.1049
foxitsoftware/phantompdf < 9.0.1.1049

Timeline

Published May 17, 2018
Tracked Since Feb 18, 2026