Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1197

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-1197
Last Modified 24 Feb 2012 12:00:00
Published 17 Feb 2012 07:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1197

Summary

Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Acd Systems Acdsee 14.1 Build 137


References

XF - acdsee-bmp-image-bo(73242)

BID - 52047

SECUNIA - 47450

OSVDB - 79305


Last Updated: 27 May 2016 10:57:26