Google Picasa JPEG Image Processing Integer Overflow Vulnerability

2010-02-25T00:00:00
ID SSV:19180
Type seebug
Reporter Root
Modified 2010-02-25T00:00:00

Description

A vulnerability has been identified in Google Picasa, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an integer overflow error in "PicasaPhotoViewer.exe" when processing malformed JPEG images, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted JPEG file and e.g. zooming in.

Google Picasa version 3.6 build 95.25 and prior Upgrade to version 3.6 build 105.41: http://picasa.google.com/