فا

‫ ACDSee Picture Frame Manager Insecure Library Loading Vulnerability

IRCAD2011061230
ID:IRCAD2011061230
Release Date: 2011-06-07
Criticality level: Highly critical
Software:
ACDSee Picture Frame Manager 1.x
 
Description:
A vulnerability has been discovered in ACDSee Picture Frame Manager, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading libraries (e.g. ShellIntMgrPFMU.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a JPG file located on a remote WebDAV or SMB share.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 1.0 Build 81. Other versions may also be affected.
 
Solution:
Do not open untrusted files.
 
References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 25 بهمن 1390

امتیاز

امتیاز شما
تعداد امتیازها:0