ACDSee is a suite of products for viewing and organizing photos.
A buffer overflow vulnerability in the
**AM_LHA.apl** plug-ins could allow command execution when a user opens an XPM file with a long, specially crafted section string.
Apply the patch referenced in the Technical Note.
Exploit works on ACDSee Photo Manager 9.0 on Windows 2000 SP4, Windows XP SP2, and Windows Vista SP0 and requires a user to open the exploit file using the affected software.