CVE-2013-5349

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size...

Integer overflow

Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag...

Integer overflow

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size...

CVE-2013-5349

Google Picasa (Windows/macOS) versions prior to 3.9.0 Build 137.69 are affected by CVE-2013-5349 due to an integer underflow when parsing Canon RAW CR2 JPEG tags, which can trigger a heap-based buffer overflow and arbitrary code execution. The OpenVAS/Nessus entries confirm multiple related flaws...