What is CVE-2017-16576?

CVE-2017-16576 is a high-severity vulnerability in Foxit Reader, classified under Use After Free. CVSS score: 8.8/10. Published 2017-12-20.

How severe is CVE-2017-16576?

High severity. CVSS v3 base score is 8.8 out of 10.

Use After Free in Foxit Reader

CVE-2017-16576

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…

Vulnerability class: Use-After-Free

EPSS: 0.004 (59.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Foxit Reader — versions 8.3.1.21155
Foxitsoftware Foxit_reader — versions 8.3.1.21155

Weakness classification (CWE)

CWE-416 — Use After Free

References

zdi-disclosures@trendmicro.com (VDB Entry, Third Party Advisory, x_refsource_MISC)
zdi-disclosures@trendmicro.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2017-16576?: CVE-2017-16576 is a high-severity vulnerability in Foxit Reader, classified under Use After Free. CVSS score: 8.8/10. Published 2017-12-20.
How severe is CVE-2017-16576?: High severity. CVSS v3 base score is 8.8 out of 10.