Google Picasa < 3.9 Build 136.17 Multiple Vulnerabilities
High Nessus Plugin ID 65925
SynopsisThe photo organizer running on the remote Windows host has multiple vulnerabilities.
DescriptionThe version of Google Picasa running on the remote host is earlier than 3.9 Build 136.17. As such, it is affected by the following vulnerabilities:
- A buffer underflow vulnerability exists in the 'LZWDecodeCompat' function in the LibTIFF library. An attacker could exploit this issue through the use of a specially crafted TIFF image, potentially causing a denial of service. (CVE-2009-2285)
- A sign-extension flaw exists that is triggered by the 'biBitCount' field that is not properly validated when processing the BMP color table. An attacker could exploit this issue though a specially crafted BMP image, potentially causing a heap-based buffer overflow resulting in a denial of service or arbitrary code execution.
SolutionUpgrade to Picasa 3.9.0 build 136.17 or later.