Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
2.51%
Published
2015-11-17
Updated
2018-10-09
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
2.51%
Published
2015-11-09
Updated
2018-10-09
Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.
Max CVSS
9.3
EPSS Score
2.72%
Published
2011-07-28
Updated
2017-08-29
3 vulnerabilities found