N/A

Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and CVE-2007-6007. NOTE: these might be integer overflows rather than buffer overflows.

N/A

N/A

ACDSee产品多个插件缓冲区溢出漏洞

ACDSee是一款图象查看、转换、管理工具，可使用在Microsoft Windows操作系统下。 ACDSee所使用的ID_X.apl、IDE_ACDStd.apl、ID_PSP.ap和AM_LHA.apl插件在处理XBM/XPM/PSP/LHA文件时存在缓冲区溢出漏洞，如果用户受骗打开了带有超长字符串的XBM/XPM/PSP/LHA文件的话，就可能触发这些溢出，导致执行任意指令。

N/A

N/A