Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6007

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6007
Last Modified 07 Mar 2011 10:01:38
Published 15 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6007

Summary

Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Acdsee Photo Editor 4.0

  • Acdsee Photo Manager 9.0

  • Acdsee Pro Photo Manager 8.1


References

CONFIRM - http://www.acdsee.com/support/knowledgebase/article?id=2800

SECUNIA - 25952

VUPEN - ADV-2007-3695

BID - 26297

BUGTRAQ - 20071102 Secunia Research: ACDSee Products Image and Archive Plug-insBuffer Overflows

MISC - http://secunia.com/secunia_research/2007-73/advisory/

SREASON - 3367


Last Updated: 27 May 2016 10:46:21