Picasa JPEG processing integer overflow vulnerability reported

Forum

Picasa JPEG processing integer overflow vulnerability reported
Juha-Matti Laurio	Wednesday, February 24, 2010 14 years ago • 2,234 views
More information via Secunia's advisory at http://secunia.com/advisories/38435/ Summary: "Tielei Wang has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error in PicasaPhotoViewer.exe when processing JPEG files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted JPEG file and e.g. zooming in." The non-affected version is 3.6 build 105.41.

Blog | Forum more >> Archive | Feed | Google's blogs | About

This site unofficially covers Google™ and more with some rights reserved. Join our forum!