From this web page screenshot, the following key information about the vulnerability can be obtained: Vulnerability Overview Vulnerability Name: Foxit Reader importAnXFDEX Type Confusion Remote Code Execution Vulnerability Vulnerability IDs: - ZDI-18-725 - ZDI-CAN-6028 CVE ID: CVE-2018-14265 CVSS Score: 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Vendors and Products Affected Vendor: Foxit Affected Product: Reader Vulnerability Details Vulnerability Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Foxit Reader installations. To exploit this vulnerability, user interaction is required, such as visiting a malicious webpage or opening a malicious file. Specific Cause: A flaw exists in the importAnXFDEX method. By performing operations via JavaScript, attackers can trigger a type confusion condition and exploit the vulnerability to execute code within the current process context. Remediation and Response Vendor Patch Status: Foxit has released an update to fix this vulnerability. For more details, see: - https://www.foxitsoftware.com/support/security-bulletins.php Timeline Vulnerability Reported: 2018-04-03 (reported to vendor) Coordinated Public Disclosure: 2018-07-19 Update Status: 2018-07-19 - Announcement updated Discoverer Discovery Team: nsfocus security team.