Vulnerability Key Information Vulnerability Name: Foxit Reader Annotations arrowEnd Use-After-Free Remote Code Execution Vulnerability ID: - ZDI-17-859 - ZDI-CAN-4979 CVE ID: CVE-2017-10957 CVSS Score: 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Vendor: Foxit Affected Product: Reader Trend Micro Customer Protection: - Trend Micro TippingPoint IPS customers are protected via Digital Vaccine filter ID ['29523']. - Further product information is available at TippingPoint IPS. Vulnerability Details: - This vulnerability allows remote attackers to execute arbitrary code on vulnerable Foxit Reader installations. Exploitation requires user interaction, meaning the target must access a malicious page or open a malicious file. - The specific issue lies in the property of the Annotation object. The problem arises from failing to validate the object's existence before performing operations on it. Additional Details: Foxit has released an update to fix this vulnerability. More information is available at: Foxit Security Bulletin Disclosure Timeline: - 2017-08-08 - Vulnerability reported to vendor - 2017-11-14 - Coordinated public advisory release Contributor: Steven Seeley (mr_me) of Offensive Security