CVE-2012-1197

Description

Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow.

Affected products

• ACD Systems / acdsee14.1_build_137 – 14.1_build_137

References

• MISChttp://www.securityfocus.com/bid/52047
• MISChttp://osvdb.org/79305
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/73242
• VENDOR_ADVISORYhttp://secunia.com/advisories/47450