This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The photo organizer running on the remote Windows host allows
arbitrary code execution.
The version of Google Picasa running on the remote host is earlier
than 3.8. Such versions insecurely look in their current working
directory when resolving DLL dependencies.
Attackers may exploit the issue by placing a specially crafted DLL
file and another file associated with the application in a location
controlled by the attacker. When the associated file is launched, the
attacker's arbitrary code can be executed.
See also :
Upgrade to Picasa 3.8 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true