Vendor CVEs
Acdsee
All CVEs
24 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2886 | Hig | 0.51 | 7.8 | 0.01 | Dec 11, 2017 | A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this… | ||
| CVE-2011-2595 | 0.08 | — | 0.61 | Sep 14, 2011 | Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file. | |||
| CVE-2007-2193 | 0.06 | — | 0.37 | Apr 24, 2007 | Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are… | |||
| CVE-2007-1943 | 0.04 | — | 0.09 | Apr 11, 2007 | Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp. | |||
| CVE-2022-36857 | 0.00 | — | 0.00 | Sep 9, 2022 | Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | |||
| CVE-2022-36853 | 0.00 | — | 0.00 | Sep 9, 2022 | Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information. | |||
| CVE-2021-26025 | 0.00 | — | 0.01 | Jan 25, 2021 | PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image. | |||
| CVE-2020-29595 | 0.00 | — | 0.01 | Dec 7, 2020 | PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa. | |||
| CVE-2019-15293 | 0.00 | — | 0.01 | Aug 21, 2019 | An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 1159. There is a User Mode Write AV starting at IDE_ACDStd!IEP_ShowPlugInDialog+0x000000000023d060. | |||
| CVE-2019-13252 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000001172b0. | |||
| CVE-2019-13251 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000c47ff. | |||
| CVE-2019-13250 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9c2f. | |||
| CVE-2019-13249 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a. | |||
| CVE-2019-13248 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450. | |||
| CVE-2019-13247 | 0.00 | — | 0.01 | Jul 4, 2019 | ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000024ed. | |||
| CVE-2011-5153 | 0.00 | — | 0.00 | Sep 6, 2012 | Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .plp file. NOTE: the provenance of this information is… | |||
| CVE-2011-5152 | 0.00 | — | 0.00 | Sep 6, 2012 | Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local users to gain privileges via a Trojan horse (1) Wintab32.dll or (2) CV11-DialogEditor.dll file in the current working directory, as demonstrated by a directory that contains a… | |||
| CVE-2011-5151 | 0.00 | — | 0.00 | Sep 6, 2012 | Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file. NOTE: the provenance of… | |||
| CVE-2012-1197 | 0.00 | — | 0.04 | Feb 18, 2012 | Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow. | |||
| CVE-2008-0715 | 0.00 | — | 0.04 | Feb 12, 2008 | Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009. | |||
| CVE-2007-4344 | 0.00 | — | 0.05 | Nov 15, 2007 | Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in or (2)… | |||
| CVE-2007-6009 | 0.00 | — | 0.04 | Nov 15, 2007 | Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and… | |||
| CVE-2007-6007 | 0.00 | — | 0.03 | Nov 15, 2007 | Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that triggers a heap-based buffer… | |||
| CVE-2002-1756 | 0.00 | — | 0.02 | Dec 31, 2002 | ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed. |
- risk 0.51cvss 7.8epss 0.01
A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this…
- CVE-2011-2595Sep 14, 2011risk 0.08cvss —epss 0.61
Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file.
- CVE-2007-2193Apr 24, 2007risk 0.06cvss —epss 0.37
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are…
- CVE-2007-1943Apr 11, 2007risk 0.04cvss —epss 0.09
Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.
- CVE-2022-36857Sep 9, 2022risk 0.00cvss —epss 0.00
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
- CVE-2022-36853Sep 9, 2022risk 0.00cvss —epss 0.00
Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information.
- CVE-2021-26025Jan 25, 2021risk 0.00cvss —epss 0.01
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.
- CVE-2020-29595Dec 7, 2020risk 0.00cvss —epss 0.01
PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.
- CVE-2019-15293Aug 21, 2019risk 0.00cvss —epss 0.01
An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 1159. There is a User Mode Write AV starting at IDE_ACDStd!IEP_ShowPlugInDialog+0x000000000023d060.
- CVE-2019-13252Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000001172b0.
- CVE-2019-13251Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000c47ff.
- CVE-2019-13250Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9c2f.
- CVE-2019-13249Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a.
- CVE-2019-13248Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450.
- CVE-2019-13247Jul 4, 2019risk 0.00cvss —epss 0.01
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000024ed.
- CVE-2011-5153Sep 6, 2012risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .plp file. NOTE: the provenance of this information is…
- CVE-2011-5152Sep 6, 2012risk 0.00cvss —epss 0.00
Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local users to gain privileges via a Trojan horse (1) Wintab32.dll or (2) CV11-DialogEditor.dll file in the current working directory, as demonstrated by a directory that contains a…
- CVE-2011-5151Sep 6, 2012risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file. NOTE: the provenance of…
- CVE-2012-1197Feb 18, 2012risk 0.00cvss —epss 0.04
Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow.
- CVE-2008-0715Feb 12, 2008risk 0.00cvss —epss 0.04
Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009.
- CVE-2007-4344Nov 15, 2007risk 0.00cvss —epss 0.05
Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in or (2)…
- CVE-2007-6009Nov 15, 2007risk 0.00cvss —epss 0.04
Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and…
- CVE-2007-6007Nov 15, 2007risk 0.00cvss —epss 0.03
Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that triggers a heap-based buffer…
- CVE-2002-1756Dec 31, 2002risk 0.00cvss —epss 0.02
ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed.