Google Picasa JPEG Processing Integer Overflow Vulnerability

Posted on Wednesday, February 24, 2010 @ 21:35:15 PST in Security
by Raven

SECUNIA ADVISORY ID: SA38435

VERIFY ADVISORY: http://secunia.com/advisories/38435/

CRITICAL: Moderately Critical

DESCRIPTION: Tielei Wang has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to potentially compromise a user's system. Successful exploitation may allow execution of arbitrary code.

The vulnerability is caused due to an integer overflow error in PicasaPhotoViewer.exe when processing JPEG files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted JPEG file and e.g. zooming in. The vulnerability is confirmed in PicasaPhotoViewer.exe version 3.6.95.25, included in Google Picasa 3.6 build 95.25. Prior versions may also be affected.

SOLUTION: Update to version 3.6 build 105.41.

PROVIDED AND/OR DISCOVERED BY: Tielei Wang from ICST-ERCIS, reported through Secunia
 
 
click Related        click Share
 
 
Associated Topics

Internet
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 369,810,063
  • Today: 24,707
Server InfoServer Info
  • Oct 21, 2018
  • 07:04 am PDT
 
 

Daily Inspiration