CVE-2011-2747

2011-07-2818:55:02

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.025

Percentile

90.2%

JSON

Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.

Affected configurations

Nvd

Node

googlepicasaRange≤3.6_build_105.65

googlepicasaMatch3.5

googlepicasaMatch3.5_build_79.67

googlepicasaMatch3.5_build_79.69

googlepicasaMatch3.5_build_79.74

googlepicasaMatch3.5_build_79.81

googlepicasaMatch3.5_build_95.18

googlepicasaMatch3.6_build_95.25

googlepicasaMatch3.6_build_105.41

googlepicasaMatch3.6_build_105.61

VendorProductVersionCPE
googlepicasa*cpe:2.3:a:google:picasa:*:*:*:*:*:*:*:*
googlepicasa3.5cpe:2.3:a:google:picasa:3.5:*:*:*:*:*:*:*
googlepicasa3.5_build_79.67cpe:2.3:a:google:picasa:3.5_build_79.67:*:*:*:*:*:*:*
googlepicasa3.5_build_79.69cpe:2.3:a:google:picasa:3.5_build_79.69:*:*:*:*:*:*:*
googlepicasa3.5_build_79.74cpe:2.3:a:google:picasa:3.5_build_79.74:*:*:*:*:*:*:*
googlepicasa3.5_build_79.81cpe:2.3:a:google:picasa:3.5_build_79.81:*:*:*:*:*:*:*
googlepicasa3.5_build_95.18cpe:2.3:a:google:picasa:3.5_build_95.18:*:*:*:*:*:*:*
googlepicasa3.6_build_95.25cpe:2.3:a:google:picasa:3.6_build_95.25:*:*:*:*:*:*:*
googlepicasa3.6_build_105.41cpe:2.3:a:google:picasa:3.6_build_105.41:*:*:*:*:*:*:*
googlepicasa3.6_build_105.61cpe:2.3:a:google:picasa:3.6_build_105.61:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	picasa	*	cpe:2.3:a:google:picasa::::::::
google	picasa	3.5	cpe:2.3:a:google:picasa:3.5:::::::*
google	picasa	3.5_build_79.67	cpe:2.3:a:google:picasa:3.5_build_79.67:::::::*
google	picasa	3.5_build_79.69	cpe:2.3:a:google:picasa:3.5_build_79.69:::::::*
google	picasa	3.5_build_79.74	cpe:2.3:a:google:picasa:3.5_build_79.74:::::::*
google	picasa	3.5_build_79.81	cpe:2.3:a:google:picasa:3.5_build_79.81:::::::*
google	picasa	3.5_build_95.18	cpe:2.3:a:google:picasa:3.5_build_95.18:::::::*
google	picasa	3.6_build_95.25	cpe:2.3:a:google:picasa:3.6_build_95.25:::::::*
google	picasa	3.6_build_105.41	cpe:2.3:a:google:picasa:3.6_build_105.41:::::::*
google	picasa	3.6_build_105.61	cpe:2.3:a:google:picasa:3.6_build_105.61:::::::*