CVE-2019-6749
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EZIX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7638.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Foxit Studio Photo 3.6.6 has an out-of-bounds write in EZIX file parsing, allowing remote code execution via a malicious file.
Vulnerability
Foxit Studio Photo version 3.6.6 is vulnerable to a remote code execution flaw in the handling of EZIX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process [1], [2].
Exploitation
To exploit this vulnerability, an attacker must convince a user to open a malicious EZIX file or visit a page that triggers the file parsing. No authentication or special network position is required beyond delivering the crafted file. The parsing logic in Foxit Studio Photo fails to validate the size of input data before writing to a buffer, leading to a heap-based out-of-bounds write [2].
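The defect class the advisory describes, an unchecked declared length copied into a fixed-size field of an allocated structure, is illustrated below with an added example that is not Foxit's code and does not reproduce the real EZIX layout (the record format, `MAX_PAYLOAD`, `record_t` and `parse_record` are assumptions). The two bounds checks are the validation whose absence produces the write past the end of the structure.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical record layout for illustration only: a 4-byte little-endian
 * payload length followed by the payload. The advisory does not document the
 * real EZIX structure, so this layout is an assumption, not the format. */
#define MAX_PAYLOAD 64

typedef struct {
    uint32_t declared_len;
    uint8_t payload[MAX_PAYLOAD];   /* fixed-size destination inside the structure */
} record_t;

static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Returns 0 on success, -1 if the record is truncated or its declared length
 * does not fit the destination. Copying `len` bytes without the destination
 * check is the write past the end of the structure the advisory describes. */
int parse_record(const uint8_t *buf, size_t buf_len, record_t *out) {
    if (buf_len < 4)
        return -1;                   /* no complete length field present */
    uint32_t len = read_le32(buf);
    if (len > sizeof(out->payload))
        return -1;                   /* bound against the destination size */
    if (len > buf_len - 4)
        return -1;                   /* bound against the available input */
    out->declared_len = len;
    memcpy(out->payload, buf + 4, len);
    return 0;
}

/* Constructed inputs: a well-formed 3-byte record, one whose declared length
 * exceeds the destination, and one that declares more bytes than are present. */
int demo_valid(void) {
    static const uint8_t in[] = {3, 0, 0, 0, 'a', 'b', 'c'};
    record_t r;
    return parse_record(in, sizeof in, &r);
}
int demo_oversized(void) {
    static const uint8_t in[] = {0xff, 0xff, 0xff, 0x7f, 'a'};
    record_t r;
    return parse_record(in, sizeof in, &r);
}
int demo_truncated(void) {
    static const uint8_t in[] = {16, 0, 0, 0, 'a', 'b'};
    record_t r;
    return parse_record(in, sizeof in, &r);
}
```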
Impact
Successful exploitation allows an attacker to execute arbitrary code with the privileges of the current user. This can result in full compromise of the affected system, including data disclosure, modification, or installation of malware [2]. The vulnerability is rated CVSS 7.8 (High) due to the need for user interaction [2].
Mitigation
On April 17, 2019, the Zero Day Initiative disclosed this vulnerability. No official Foxit Studio Photo patch was mentioned in the available references. Users should monitor Foxit's security bulletins [1] for an update; as of the latest bulletin (April 2026) covering Foxit PDF Reader and Editor, no specific fix for Foxit Studio Photo is listed. Limiting file types opened in Foxit Studio Photo and exercising caution with untrusted EZIX files are recommended workarounds.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: = 3.6.6
- Foxit / Studio Photo: 3.6.6
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- [1] www.foxitsoftware.com/support/security-bulletins.php (MISC)
- [2] www.zerodayinitiative.com/advisories/ZDI-19-373/ (MISC)
News mentions
No linked articles in our index yet.