1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP ACDSee XPM File BO

HTTP ACDSee XPM File BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in ACDSee.

Additional Information

ACDSee is a photo viewer available for multiple platforms.

The application is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized buffer.

The problem occurs when handling a specially crafted 'XPM' file with an excessively large 'XPMHeader'.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial of service.

This issue affects ACDSee 9.0; other versions may also be vulnerable.

Affected

  • ACD Systems Inc ACDSee Quick View 9.0

Response

Ensure that the latest version of ACDSee is installed and all available vendor supplied patches installed.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube