CVE-2020-24293

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 22, 2023

Updated: Nov 7, 2023

CWE ID 120

Summary

CVE-2020-24293 is a buffer overflow vulnerability identified in the PSDParser.cpp module of FreeImage 3.19.0 [r1859]. This issue lies in the psdThumbnail::Read function, which can be exploited by remote attackers. By creating and opening a specially crafted PSD (Photoshop Document) file, cybercriminals can trigger the buffer overflow and inject malicious code, potentially resulting in unauthorized system access or data theft. This vulnerability poses a significant risk and requires urgent patching to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sbNPXg
https://www.cve.org/CVERecord?id=CVE-2020-24293
https://nvd.nist.gov/vuln/detail/CVE-2020-24293

Back to Vulnerability Database

CVE-2020-24293

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations