More information via Secunia's advisory at http://secunia.com/advisories/38435/
Summary: "Tielei Wang has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an integer overflow error in PicasaPhotoViewer.exe when processing JPEG files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted JPEG file and e.g. zooming in."
The non-affected version is 3.6 build 105.41. |