The host is installed with Foxit PDF Reader before 10.1.4, or Foxit PDF Editor before 10.1.4 and is prone to an arbitrary files write vulnerability. A flaw is present in the applications which fails to properly validate the CombineFiles pathname. Successful exploitation allows attackers to write to arbitrary files.