ACDSee Products TIFF and Font Parsing Buffer Overflow Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 4 Jun 2009 4822 Views

RISK: Medium Risk

Medium Risk

Two vulnerabilities have been identified in various ACDSee products, which could be exploited by attackers to compromise a vulnerable system.

1. A buffer overflow error when parsing a specially crafted TIFF image, which could be exploited to crash an affected application or execute arbitrary code by tricking a user into opening a malicious image.

2. A buffer overflow error when parsing specially crafted Fonts, which could be exploited to crash an affected application or execute arbitrary code by tricking a user into opening a malicious file.

Impact

  • Remote Code Execution

System / Technologies affected

  • ACDSee 11.x
  • ACDSee 10.x
  • ACDSee 9.x
  • ACDSee Photo Manager 2009
  • ACDSee Photo Manager 2008
  • ACDSee Pro Photo Manager version 2.5 and prior

Solutions

Do not open untrusted files.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Apple QuickTime File Processing Remote Code Execution Vulnerabilities

3 Jun 2009 4761 Views

Next

Microsoft Office Excel Multiple Vulnerabilities ( 10 June 2009 )

10 Jun 2009 4575 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY