CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
94.0%
Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted “image dimension values” in a BMP file, which triggers a heap-based buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
acd_systems | acdsee | 14.1_build_137 | cpe:2.3:a:acd_systems:acdsee:14.1_build_137:*:*:*:*:*:*:* |