ACDSee BMP Image File Handling Remote Heap Buffer Overflow Vulnerability
BID:52047
Info
| Bugtraq ID: | 52047 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2012-1197 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2012 12:00AM |
| Updated: | Feb 21 2012 07:10PM |
| Credit: | Tielei Wang of Georgia Tech Information Security Center via Secunia. |
| Vulnerable: | ACD Systems Inc ACDSee 14.1 Build 137 |
| Not Vulnerable: | |
Discussion
ACDSee is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts likely result in denial-of-service conditions.
ACDSee 14.1 Build 137 is vulnerable; other versions may also be affected.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- ACDSee 14 Homepage (ACD Systems)