8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.03 Low
EPSS
Percentile
90.8%
11/01/2017
Critical
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code.
Foxit Reader earlier than 9.0.0.29935
Foxit PhantomPDF earlier than 9.0.0.29935
Update to latest version
Download Foxit Reader
Download Foxit PhantomPDF
ACE
CVE-2017-148346.8High
CVE-2017-148356.8High
CVE-2017-148366.8High
CVE-2017-148376.8High
CVE-2017-165716.8High
CVE-2017-165726.8High
CVE-2017-165734.3Warning
CVE-2017-165744.3Warning
CVE-2017-165756.8High
CVE-2017-165766.8High
CVE-2017-165776.8High
CVE-2017-165786.8High
CVE-2017-165794.3Warning
CVE-2017-165804.3Warning
CVE-2017-165816.8High
CVE-2017-165826.8High
CVE-2017-165836.8High
CVE-2017-165844.3Warning
CVE-2017-165856.8High
CVE-2017-165866.8High
CVE-2017-165876.8High
CVE-2017-165884.3Warning
CVE-2017-165894.3Warning
CVE-2017-109564.3Warning
CVE-2017-109576.8High
CVE-2017-109586.8High
CVE-2017-109596.8High
CVE-2017-148184.3Warning
CVE-2017-148194.3Warning
CVE-2017-148204.3Warning
CVE-2017-148214.3Warning
CVE-2017-148224.3Warning
CVE-2017-148236.8High
CVE-2017-148246.8High
CVE-2017-148256.8High
CVE-2017-148266.8High
CVE-2017-148276.8High
CVE-2017-148286.8High
CVE-2017-148296.8High
CVE-2017-148306.8High
CVE-2017-148316.8High
CVE-2017-148326.8High
CVE-2017-148336.8High
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10959
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14827
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14835
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16578
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16580
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16581
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16582
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16588
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16589
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Foxit-Phantom-PDF/
threats.kaspersky.com/en/product/Foxit-Reader/
www.foxitsoftware.com/downloads/#Foxit-PhantomPDF-Business
www.foxitsoftware.com/downloads/#Foxit-Reader
www.foxitsoftware.com/support/security-bulletins.php
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.03 Low
EPSS
Percentile
90.8%