Denial of Service Vulnerability in Foxit Reader's U3D Plugin
CVE-2018-18933
9.1CRITICAL
What is CVE-2018-18933?
The u3d plugin in Foxit Reader versions up to 9.3.0.10826 is susceptible to a vulnerability that allows remote attackers to execute a Denial of Service attack. This is accomplished by exploiting an out-of-bounds read due to a 'Read Access Violation near NULL' issue, leading to potential information leakage or application crashes when handling specific U3D sample files. Users of affected versions are advised to update their software immediately.