PT-2007-6934 · Acd · Acdsee Photo Manager+1
Published
2007-11-15
·
Updated
2018-10-15
·
CVE-2007-6007
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ACDSee Photo Manager version 9.0 build 108
ACD ACDSee Pro Photo Manager version 8.1 build 99
ACDSee Photo Editor version 4.0 build 195
Description
The issue is related to an integer overflow in the ID PSP.apl plug-in, which can be exploited by user-assisted remote attackers. This is achieved through a crafted PSP image that triggers a heap-based buffer overflow, allowing the execution of arbitrary code.
Recommendations
For ACDSee Photo Manager version 9.0 build 108, update to a version that fixes the integer overflow issue in the ID PSP.apl plug-in.
For ACDSee Pro Photo Manager version 8.1 build 99, update to a version that fixes the integer overflow issue in the ID PSP.apl plug-in.
For ACDSee Photo Editor version 4.0 build 195, update to a version that fixes the integer overflow issue in the ID PSP.apl plug-in.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acdsee Photo Editor
Acdsee Photo Manager