ACD Systems ACDSee Products XBM File Handling Buffer OverflowAdded: 01/21/2010
BackgroundACDSee is a suite of products for viewing and organizing photos.
ProblemA buffer overflow vulnerability in the ID_X.apl plug-in allows command execution when a user opens a specially crafted XBM file.
ResolutionApply a patch or upgrade when released by the vendor. In the interim, avoid opening XBM files from untrusted sources or use an alternative application to process XBM files.
LimitationsExploit works on ACDSee Systems ACDSee Photo Manager 10.0 Build 238 and requires a user to open the XBM file using the affected software.
Back to exploit index