Google

Picasa

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-8221

  • EPSS 24.93%
  • Published 17.11.2015 15:59:22
  • Last modified 12.04.2025 10:46:40

Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.

10

CVE-2015-8096

  • EPSS 10.25%
  • Published 09.11.2015 16:59:13
  • Last modified 12.04.2025 10:46:40

Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.

7.5

CVE-2013-5349

  • EPSS 2.56%
  • Published 09.01.2014 00:55:02
  • Last modified 11.04.2025 00:51:21

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large J...

7.5

CVE-2013-5357

  • EPSS 2.56%
  • Published 09.01.2014 00:55:02
  • Last modified 11.04.2025 00:51:21

Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF S...

7.5

CVE-2013-5358

  • EPSS 0.71%
  • Published 09.01.2014 00:55:02
  • Last modified 11.04.2025 00:51:21

Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags.

7.5

CVE-2013-5359

  • EPSS 2.56%
  • Published 09.01.2014 00:55:02
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size.

9.3

CVE-2011-2747

  • EPSS 3.28%
  • Published 28.07.2011 18:55:02
  • Last modified 11.04.2025 00:51:21

Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.

6.9

CVE-2011-0458

  • EPSS 0.03%
  • Published 28.03.2011 16:55:04
  • Last modified 11.04.2025 00:51:21

Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.

5

CVE-2007-4847

  • EPSS 0.16%
  • Published 12.09.2007 20:17:00
  • Last modified 09.04.2025 00:30:58

Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory.

7.5

CVE-2007-4823

  • EPSS 0.13%
  • Published 11.09.2007 19:17:00
  • Last modified 09.04.2025 00:30:58

Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.