Multiple buffer overflows in ACD products allow user-assisted remote malicious users to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and CVE-2007-6007. NOTE: these might be integer overflows rather than buffer overflows.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
acdsee photo editor 4.0 |
||
acdsee photo manager 9.0 |
||
acdsee pro photo manager 8.1 |