HTTP: ACD Systems ACDSee Products XPM Values Section Buffer Overflow
This signature detects attempts to exploit a known a buffer overflow vulnerability in multiple ACDSee products. It is due to a boundary error when processing crafted XPM files. A remote attacker can exploit this by persuading the target user to open a malicious XPM file with the affected application. A successful attack can allow for arbitrary code being injected and executed with the privileges of the currently logged on user.The behavior of the target host is entirely dependent on the intended function of the injected code. In an unsuccessful attack, the vulnerable application terminates abnormally.
Extended Description
ACDSee Products are prone to multiple buffer-overflow vulnerabilities because the software fails to bounds-check user-supplied data before copying it into insufficiently sized buffers. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected software. Failed exploit attempts will result in a denial of service. These issues affect: ACDSee Photo Manager 9.0 ACDSee Pro Photo Manager 8.1 ACDSee Photo Editor 4.0 Other versions may also be vulnerable. Update: Reportedly ACDSee Photo Manager 10.0 is vulnerable to one of these issues.
Affected Products
Acd_systems_inc acdsee_photo_manager
Short Name
HTTP:STC:DL:ACDSEE-XPM-VALUES
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ACD ACDSee Buffer CVE-2007-6009 Overflow Products Section Systems Values XPM bid:26554
Release Date
10/19/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3677
False Positive
Unknown
Vendors
Acd_systems_inc
CVSS Score
9.3