CVE-2020-17410: 
Foxit PDF Reader vulnerability analysis and mitigation

CVE-2020-17410 is a vulnerability discovered in Foxit PhantomPDF version 10.0.0.35798. The vulnerability allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability, specifically requiring the target to visit a malicious page or open a malicious file (Zero Day Initiative, NVD).

The vulnerability exists within the parsing of GIF files. The specific flaw results from the lack of validating the existence of an object prior to performing operations on the object, leading to a Use-After-Free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Zero Day Initiative, NVD).

An attacker can leverage this vulnerability to execute code in the context of the current process, potentially gaining the same privileges as the targeted application. The vulnerability affects confidentiality, integrity, and availability of the system, all rated as High in the CVSS scoring (NVD).

Foxit has issued an update to correct this vulnerability. Users are advised to update their installations to the latest version through the vendor's website or through the application's update mechanism (Zero Day Initiative).