JVN#99977321: Picasa may insecurely load executable files

Picasa is a software for viewing and managing photos. Picasa loads certain executables when using the “Locate on Disk” function. Picasa contains an issue with the file search path, which may insecurely load executables.

Impact

An attacker may execute arbitrary code with the privilege of the running application.

Solution

Update the software
Update to the latest version according to the information provided by the developer.

Products Affected

• Picasa versions prior to 3.8