Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | fotoslate | 4.0 |
A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | ultimate | 10.0.0.292 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000024ed.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9c2f.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000c47ff.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000001172b0.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | acdsee | 1.1.21 |
An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 1159. There is a User Mode Write AV starting at IDE_ACDStd!IEP_ShowPlugInDialog+0x000000000023d060.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | photo_studio | 22.1 |
PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | photo_studio_2021 | 14.0 |
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | photo_studio_2021 | 14.0 |
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| acdsee | photo_studio_2021 | 14.0 |