ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow

2011-10-24T00:00:00
ID SAINT:4DFA71F304B09B0D93E62701F952AC82
Type saint
Reporter SAINT Corporation
Modified 2011-10-24T00:00:00

Description

Added: 10/24/2011
CVE: CVE-2011-2595
BID: 49558
OSVDB: 75425

Background

ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars.

Problem

Fotoslate 4.0 Build 146 is vulnerable to remote code execution if a user opens a malicious Fotoslate **PLP** file. The vulnerability is due to inadequate boundary checking in **FSEngine4.dll** when processing a long **id** parameter to a **String** tag.

Resolution

Update Fotoslate when a newer release than FotoSlate 4.0 Build 146 is available.

References

<http://secunia.com/advisories/44722>

Limitations

Exploit works on ACD Systems FotoSlate 4.0 Build 146.

The target user must open the exploit file with the affected application.

Platforms

Windows