The vulnerability of the Foxit Studio Photo graphic editor lies in the ability to write code beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

🗓️ 25 Mar 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Foxit Studio Photo editor flaw allows code execution by writing beyond memory via page or TIF file.

Reporter	Title	Published	Views	Family All 10
CNVD	Foxit Studio Photo Buffer Overflow Vulnerability (CNVD-2020-18403)	18 Mar 202000:00	–	cnvd
Check Point Advisories	Foxit Studio Photo Remote Code Execution (CVE-2020-8880)	4 Nov 202000:00	–	checkpoint_advisories
CVE	CVE-2020-8880	20 Mar 202018:40	–	cve
Cvelist	CVE-2020-8880	20 Mar 202018:40	–	cvelist
EUVD	EUVD-2020-29721	7 Oct 202500:30	–	euvd
NVD	CVE-2020-8880	20 Mar 202019:15	–	nvd
OSV	CVE-2020-8880	20 Mar 202019:15	–	osv
Prion	Design/Logic Flaw	20 Mar 202019:15	–	prion
RedhatCVE	CVE-2020-8880	5 Feb 202513:17	–	redhatcve
Zero Day Initiative	Foxit Studio Photo TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability	16 Mar 202000:00	–	zdi

Vulners

Node

foxit_software studio_photoRange≤3.6.6.918

Source	Link
foxitsoftware	www.foxitsoftware.com/support/security-bulletins.php
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2020031712
web	www.web.nvd.nist.gov/view/vuln/detail

25 Mar 2020 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 27.2

CVSS 37.8

EPSS0.11057

memory corruption arbitrary code execution crafted page image file format foxit studio photo