CVE-2020-24295

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 22, 2023
Updated: Nov 7, 2023
CWE ID 120

Summary

CVE-2020-24295 is a buffer overflow vulnerability found in the PSDParser.cpp module, specifically in the ReadImageLine() function of FreeImage 3.19.0 (r1859). This issue permits remote attackers to execute arbitrary code by providing crafted PSD (Photoshop Document) files that trigger the buffer overflow condition. Successful exploitation of this flaw could result in the attacker gaining unauthorized access to a system or network, leading to potential data theft or system damage.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share