Synopsis :

The remote Windows host has an image editing application installed
that is affected by multiple code execution vulnerabilities.

Description :

ACDSee, an image editing application, is installed on the remote
host. The installed version of ACDSee is earlier than 5.2 and thus
is potentially affected by multiple vulnerabilities :

- Insufficient validation in ID_ICO.apl when copying
colors from cursors in .CUR files can be exploited to
cause a heap-based buffer overflow.

- An error in IDE_ACDStd.apl when allocating memory based
on values in the Logical Screen Descriptor of a GIF
image can be exploited to corrupt heap memory.

- Insufficient validation of ID_PICT.apl of specific byte
values used as sizes in the image content can be
exploited to cause a heap-based buffer overflow.

- Insufficient validation in IDE_ACDStd.apl of specific
byte values used as sizes in the image content when
decompressing run-length encoded bitmaps can be
exploited to cause a heap-based buffer overflow.

See also :

http://www.nessus.org/u?19c5feb3
http://www.nessus.org/u?7eec010e
http://www.nessus.org/u?6335c667
http://www.nessus.org/u?6fc57f31

Solution :

Upgrade to ACDSee version 5.2 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true