54 matches found
CVE-2020-17422
Foxit Studio Photo information disclosure (CVE-2020-17422) stems from improper validation in EPS file parsing, causing an out-of-bounds read of an allocated structure. Affected versions include Foxit Studio Photo 3.6.6.x; an attacker must lure a user to open a malicious page/file, enabling inform...
CVE-2020-17432
Foxit Studio Photo vulnerability CVE-2020-17432 affects parsing of CR2 files and causes an out-of-bounds read due to inadequate input validation. This can lead to information disclosure and, when combined with other flaws, potential code execution in the target process. Exploitation requires user...
CVE-2020-17433
Foxit Studio Photo vulnerable in CMP file parsing leading to an out-of-bounds read in Foxit Studio Photo 3.6.6.922 (and affected earlier versions per CNVD). The flaw arises from insufficient validation of user-supplied data, allowing an attacker to read past the end of an allocated structure and ...
CVE-2021-31433
Foxit Studio Photo 3.6.6.931 is affected by CVE-2021-31433. The root cause is improper validation during ARW file parsing, causing a write past the end of an allocated data structure. This enables remote code execution in the context of the current process, with user interaction required (target ...