Picasa
Sign in to watchby Google
CVEs (10)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8221 | 0.02 | — | 0.25 | Nov 17, 2015 | Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow. | ||
| CVE-2013-5359 | 0.00 | — | 0.03 | Jan 9, 2014 | Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size. | ||
| CVE-2013-5358 | 0.00 | — | 0.01 | Jan 9, 2014 | Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags. | ||
| CVE-2013-5357 | 0.00 | — | 0.03 | Jan 9, 2014 | Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag. | ||
| CVE-2013-5349 | 0.00 | — | 0.03 | Jan 9, 2014 | Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size. | ||
| CVE-2011-2747 | 0.00 | — | 0.03 | Jul 28, 2011 | Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file. | ||
| CVE-2011-0458 | 0.00 | — | 0.00 | Mar 28, 2011 | Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | ||
| CVE-2007-4847 | 0.00 | — | 0.00 | Sep 12, 2007 | Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory. | ||
| CVE-2007-4823 | 0.00 | — | 0.00 | Sep 11, 2007 | Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory. | ||
| CVE-2007-4824 | 0.00 | — | 0.00 | Sep 11, 2007 | Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory. |