Critical Vulnerability Information

Title: Foxit Reader FormCalc closeDoc Type Confusion Remote Code Execution Vulnerability

ID: ZDI-17-883 (ZDI-CAN-5073)

CVE ID: CVE-2017-16572

Score: CVSS 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected Vendor: Foxit

Affected Product: Reader

Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable Foxit Reader installations. User interaction is required, in that the target must visit a malicious page or open a malicious file. The flaw resides in the FormCalc closeDoc method, where user-supplied data is not properly validated, leading to a type confusion condition. An attacker can leverage this to execute code in the context of the current process.

Mitigations:
Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 29696. For more information, see http://www.tippingpoint.com

Additional Details:
Foxit has released an update to correct this vulnerability. More details are available at https://www.foxitsoftware.com/support/security-bulletins.php

Disclosure Timeline:
2017-08-08: Vulnerability reported to vendor
2017-11-14: Coordinated public disclosure

Contributor: Steven Seeley (mr._me) of Offensive Security