Unrated severity · NVD Advisory · Published Oct 3, 2019 · Updated Aug 4, 2024

CVE-2019-13325


Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8922.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Foxit Studio Photo 3.6.6.909 fails to validate EPS file data, allowing a heap out-of-bounds read that can lead to remote code execution via user interaction.

Vulnerability

The vulnerability resides in the handling of Encapsulated PostScript (EPS) files within Foxit Studio Photo version 3.6.6.909. The specific flaw is a lack of proper validation of user-supplied data, resulting in an out-of-bounds read past the end of an allocated structure [2]. No special configuration is required to reach the vulnerable code path; any user who opens a crafted EPS file in the affected version triggers the parsing routine.

Exploitation

To exploit this vulnerability, an attacker must convince a user to visit a malicious webpage or open a malicious EPS file [2]. The attack vector is remote, but user interaction is required. No authentication or special privileges are needed on the target system. If the user opens the crafted EPS file, the application will read beyond the bounds of an allocated heap structure, which an attacker can leverage to achieve code execution [1][2].

Impact

Successful exploitation allows the attacker to execute arbitrary code within the context of the Foxit Studio Photo process [2]. The CVSS v3 score is 7.8 (High) with an impact vector indicating complete compromise of Confidentiality, Integrity, and Availability (C:H/I:H/A:H) [2]. The attacker gains the same privileges as the current user, which could lead to further system compromise if that user has elevated rights.

Mitigation

As of the publication date (2019-10-03), Foxit had not yet released a fixed version for Foxit Studio Photo specifically; the vendor's security bulletin page at the time primarily addressed Foxit PDF Reader and Foxit PDF Editor [1]. The Zero Day Initiative advisory [2] recommends users apply any vendor-provided updates when they become available. No workarounds are documented. Users should restrict opening EPS files from untrusted sources and monitor Foxit's security bulletins for a patch.
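One way to enforce the "restrict EPS files from untrusted sources" advice at a file-intake point is to classify files by content rather than by extension. The sketch below is an added example, not code from the advisory or from Foxit. It assumes the DOS EPS binary header layout from Adobe's EPSF specification, and `classify`, `should_block` and `make_binary_eps` are hypothetical names. It does not detect the specific malformed field behind this CVE, which the advisory does not describe.

```python
import struct

DOS_EPS_MAGIC = b"\xC5\xD0\xD3\xC6"    # signature of the DOS EPS binary header
HEADER_LEN = 30                         # magic + 6 uint32 fields + 2-byte checksum

def classify(data: bytes) -> str:
    """Classify by content: 'eps-binary', 'eps-malformed', 'eps-ascii' or 'other'."""
    if data.startswith(DOS_EPS_MAGIC):
        if len(data) < HEADER_LEN:
            return "eps-malformed"
        # Little-endian (offset, length) pairs: PostScript, WMF preview, TIFF preview.
        f = struct.unpack_from("<6I", data, 4)
        sections = list(zip(f[0::2], f[1::2]))
        if sections[0][1] == 0:
            return "eps-malformed"      # the PostScript section is mandatory
        for off, length in sections:
            if off == 0 and length == 0:
                continue                # optional preview not present
            if off < HEADER_LEN or off + length > len(data):
                return "eps-malformed"  # section points outside the file
        return "eps-binary"
    first_line = data[:256].lstrip(b"\xef\xbb\xbf \t\r\n").split(b"\n", 1)[0]
    if first_line.startswith(b"%!PS-Adobe-") and b"EPSF" in first_line:
        return "eps-ascii"
    return "other"

def should_block(data: bytes, trusted_source: bool) -> bool:
    """Hypothetical intake policy: EPS only from trusted sources, never if malformed."""
    kind = classify(data)
    if kind == "eps-malformed":
        return True
    return kind.startswith("eps-") and not trusted_source

def make_binary_eps(ps: bytes, claimed_len=None) -> bytes:
    """Build a constructed DOS-binary EPS sample (no previews, checksum unused)."""
    n = len(ps) if claimed_len is None else claimed_len
    return DOS_EPS_MAGIC + struct.pack("<6I", HEADER_LEN, n, 0, 0, 0, 0) + b"\xff\xff" + ps

if __name__ == "__main__":
    ps = b"%!PS-Adobe-3.0 EPSF-3.0\n%%BoundingBox: 0 0 10 10\nshowpage\n"  # constructed
    for label, sample in [("ascii", ps), ("binary", make_binary_eps(ps)),
                          ("bad length", make_binary_eps(ps, 0xFFFFFF)),
                          ("png", b"\x89PNG\r\n\x1a\n")]:
        print(label, classify(sample), should_block(sample, trusted_source=False))
```

Because the decision is made on the leading bytes, a file is handled the same way whatever extension it carries.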

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

2
