CVE-2012-10051

Exploit

EPSS 0.33%
Veröffentlicht 08.08.2025 18:11:52
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerPhotodex Corporation

≫

Produkt ProShow Producer

Default Statusunknown

Version 5.0.3256

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.33%	0.244

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	8.4	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/proshow_load_bof.rb

https://www.exploit-db.com/exploits/19563

https://www.exploit-db.com/exploits/20109

https://web.archive.org/web/20120727035341/http://security.inshell.net/advisory/30

https://www.fortiguard.com/encyclopedia/ips/32753

https://erinkrespan.com/what-happened-to-photodex-proshow-producer/

https://archive.org/details/PhotodexProShowProducer7.0.3514Keymaker_20180127

https://www.vulncheck.com/advisories/photodex-proshow-producer-load-file-handling-buffer-overflow

https://nvd.nist.gov/vuln/detail/CVE-2012-10051

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-10051

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-10051

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2012-10051