Release DateJun 21, 2007 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt to exploit a stack-based buffer-overflow vulnerability in ACDSee products.The vulnerability is caused by an error when the vulnerable software handles a specially crafted XPM file. Successful exploitation may allow remote attackers to execute arbitrary code by persuading the victim to open the malicious file with ACDSee. |
Affected ProductsACDSee versions 9.xACDSee versions 8.x ACD Systems Inc ACDSee Photo Editor 4.0 |
Recommended ActionsUpgrade to the latest versions, available from the web site:http://www.acdsee.com/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-6009CVE-2007-2193 |
Reference/shttp://www.securityfocus.com/bid/23620 (BugTraq)http://www.securityfocus.com/bid/26554 (BugTraq) |
