CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.3%
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
Vendor | Product | Version | CPE |
---|---|---|---|
acd_systems | acdsee | 8.1_build_99 | cpe:2.3:a:acd_systems:acdsee:8.1_build_99:*:pro:*:*:*:*:* |
acd_systems | acdsee | 9.0_build_108 | cpe:2.3:a:acd_systems:acdsee:9.0_build_108:*:*:*:*:*:*:* |
acd_systems | photo_editor | 4.0_build_195 | cpe:2.3:a:acd_systems:photo_editor:4.0_build_195:*:*:*:*:*:*:* |