PT-2015-7728 · Google · Google Picasa

Publicado

2015-11-09

Atualizado

2018-10-09

CVE-2015-8096

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Picasa version 3.9.140 Build 239 Google Picasa version 3.9.140 Build 248

Description The issue is related to an integer overflow that triggers a heap-based buffer overflow, potentially allowing remote attackers to execute arbitrary code. This is connected to unspecified vectors related to the "phase one 0x412 tag".

Recommendations For Google Picasa version 3.9.140 Build 239, update to a version that fixes the integer overflow issue. For Google Picasa version 3.9.140 Build 248, update to a version that fixes the integer overflow issue. As a temporary workaround, consider restricting access to potentially vulnerable components until a patch is available.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189CWE-119

Identificadores relacionados

CVE-2015-8096

Produtos afetados

Google Picasa

PT-2015-7728 · Google · Google Picasa

CVE-2015-8096

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4