TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
Vulnerability in AcdSee Photo Manager
Discovery Date: Jan 25, 2008
Risk: Low
Affected Software:
  • AcdSee Photo Manager 10.0
  • AcdSee Photo Manager 8.1+pack
  • AcdSee Photo Manager 9.0+pack
Description:

Analysts from Trend Micro discovered a vulnerability in the AcdSee Photo Manager, which is a software shipped with the following Windows NT-based platforms:

  • Windows 2000
  • Windows XP
  • Windows Server 2003

This vulnerability is found when the photo manager attempts to read a malformed .XBM file, which in turn causes a buffer overflow attack against a device once exploited. This overflow may allow a remote user to execute arbitrary code on the affected system. It may also cause a denial of service (DoS) attack.


Workaround Fixes:

Trend Micro discourages users from opening .XBM files from untrusted or questionable sources.
 
Search for another Security Advisory
Keyword: