Vulnerability identifier: #VU16794
Vulnerability risk: High
Exploitation vector: Network
Exploit availability: No
Vendor: Foxit Software Inc.
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to the use of page or pointer which has been closed or freed. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger use-after-free error and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update to version 9.4.
Vulnerable software versions
Foxit PDF Reader for Windows: 9.0 - 188.8.131.5226
Foxit PDF Editor (formerly Foxit PhantomPDF): 9.0 - 184.108.40.20626
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?