Arbitrary Code Execution Vulnerability in Foxit Studio Photo
CVE-2020-17423
7.8HIGH
What is CVE-2020-17423?
This vulnerability allows remote attackers to execute arbitrary code on installations of Foxit Studio Photo version 3.6.6.922. Exploitation requires user interaction, as the target must visit a malicious web page or open a compromised file. The vulnerability arises from insufficient validation of user-supplied data specific to ARW file handling, enabling an attacker to manipulate memory allocation, potentially executing code within the context of the affected application.
Affected Version(s)
Studio Photo 3.6.6.922