54 matches found
CVE-2021-31437
Foxit Studio Photo 3.6.6.931 contains an out-of-bounds write in JP2 file parsing due to insufficient input validation, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). The issue is documented by ZDI (ZDI-21-480). No re...
CVE-2020-17432
Foxit Studio Photo vulnerability CVE-2020-17432 affects parsing of CR2 files and causes an out-of-bounds read due to inadequate input validation. This can lead to information disclosure and, when combined with other flaws, potential code execution in the target process. Exploitation requires user...
CVE-2020-17433
Foxit Studio Photo vulnerable in CMP file parsing leading to an out-of-bounds read in Foxit Studio Photo 3.6.6.922 (and affected earlier versions per CNVD). The flaw arises from insufficient validation of user-supplied data, allowing an attacker to read past the end of an allocated structure and ...
CVE-2021-31433
Foxit Studio Photo 3.6.6.931 is affected by CVE-2021-31433. The root cause is improper validation during ARW file parsing, causing a write past the end of an allocated data structure. This enables remote code execution in the context of the current process, with user interaction required (target ...