ACDSee is a suite of products for viewing and organizing photos.
A buffer overflow vulnerability in the
**ID_X.apl** plug-in allows command execution when a user opens a specially crafted XBM file.
Apply a patch or upgrade when released by the vendor. In the interim, avoid opening XBM files from untrusted sources or use an alternative application to process XBM files.
Exploit works on ACDSee Systems ACDSee Photo Manager 10.0 Build 238 and requires a user to open the XBM file using the affected software.