The host is installed with Foxit Reader before 10.1 or Foxit PhantomPDF before 10.1 and is prone to a use after free vulnerability. A flaw is present in the applications which fails to properly handle interpretation error for /V (in the Additional Action and Field dictionaries). Successful exploitation allow attackers to perform remote code execution or disclose sensitive information.