ACD Systems ACDSee Products XBM File Handling Buffer Overflow
Added: 01/21/2010BID: 37685
Background
ACDSee is a suite of products for viewing and organizing photos.Problem
A buffer overflow vulnerability in the ID_X.apl plug-in allows command execution when a user opens a specially crafted XBM file.Resolution
Apply a patch or upgrade when released by the vendor. In the interim, avoid opening XBM files from untrusted sources or use an alternative application to process XBM files.References
http://www.securityfocus.com/archive/1/508817Limitations
Exploit works on ACDSee Systems ACDSee Photo Manager 10.0 Build 238 and requires a user to open the XBM file using the affected software.Platforms
WindowsBack to exploit index