ACDSee generates a security vulnerability
Security firm Secunia has discovered a dangerous vulnerability in some versions of ACDSee products, threatening to allow hackers to gain unauthorized access to the system through malicious code.
The vulnerability arises due to an error in processing ACDSee BMP images, and can be exploited to overflow the heap memory through a special BMP image file (created by hackers).
Secunia's warning said that successful exploits may allow executing binary code on the affected system when the victim opens the "malicious" BMP image.
Confirmed vulnerabilities exist in versions: ACDSee Pro 8.1 Build 99, ACDSee 9.0 Build 108, and ACDSee Photo Editor 4.0 Build 195. Other versions may also affect you (ACDSee 2.x, ACDSee 3. x, ACDSee 4.x, ACDSee 5.x, ACDSee 6.x, ACDSee 7.x, ACDSee 8.x, ACDSee 9.x, ACDSee Photo Editor 4.x, ACDSee Pro 8.x)
Secunia recommends that users should not open images of unknown origin.
- Yahoo Messenger generates a DoS vulnerability
- IE, Firefox 'cross-apple' security error
- Cisco has not found a vulnerability in PIX
- Apache has a dangerous vulnerability
- Two more security errors appear from the WMF vulnerability
- Google Desktop vulnerability before the new attack
- IE 6 again generates a serious security error
- Code to exploit VML vulnerability
- New security vulnerabilities cripple IE
- $ 12,000 for a vulnerability in Vista or IE7
- Google continues to conflict with Microsoft
- A new vulnerability has appeared in Vista