CVE-2020-24293

Name of the Vulnerable Software and Affected Versions FreeImage version 3.19.0

Description The issue allows remote attackers to run arbitrary code via the opening of a crafted psd file. This is due to a Buffer Overflow vulnerability in the psdThumbnail::Read function in PSDParser.cpp.

Recommendations For FreeImage version 3.19.0, consider avoiding the use of the psdThumbnail::Read function until a patch is available. As a temporary workaround, restrict the opening of psd files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.