In association with heise online

2 June 2009, 16:26

Critical vulnerabilities in ACDSee Photo Managers

The French security services provider VUPEN (formerly FrSIRT) has reported several vulnerabilities in the photo managers from ACD Systems. Specially crafted TIFF images and fonts can lead to buffer overflows, causing the affected application to crash and allowing remote execution of code. For an attack to be successful, a victim has only to open one of the specially crafted files using one of the vulnerable ACD Systems products. VUPEN has created proof of concept exploits and made them available for testing.

The vulnerabilities affect ACDSee Photo Manager 2009, ACDSee Photo Manager 2008, ACDSee 11.x, ACDSee 10.x, ACDSee 9.x and ACDSee Pro Photo Manager version 2.5 and earlier. A patch has yet to be released. VUPEN has contacted ACD Systems about the vulnerabilities; however, after several attempts, there has been no response. Users are advised to use an alternative application.

(crve)
