ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acd_systems | acdsee | 4.0 |
Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acd_systems | acdsee | 14.1_build_137 |