ACD Systems ACDSee Products XBM File Handling Buffer Overflow

Added: 01/21/2010
BID: 37685

Background

ACDSee is a suite of products for viewing and organizing photos.

Problem

A buffer overflow vulnerability in the ID_X.apl plug-in allows command execution when a user opens a specially crafted XBM file.

Resolution

Apply a patch or upgrade when released by the vendor. In the interim, avoid opening XBM files from untrusted sources or use an alternative application to process XBM files.

References

http://www.securityfocus.com/archive/1/508817

Limitations

Exploit works on ACDSee Systems ACDSee Photo Manager 10.0 Build 238 and requires a user to open the XBM file using the affected software.

Platforms

Windows

Back to exploit index