Search criteria
23 vulnerabilities found for picasa by google
CVE-2015-8221 (GCVE-0-2015-8221)
Vulnerability from nvd – Published: 2015-11-17 15:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2015-5/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8221",
"datePublished": "2015-11-17T15:00:00",
"dateReserved": "2015-11-17T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8096 (GCVE-0-2015-8096)
Vulnerability from nvd – Published: 2015-11-09 16:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to \"phase one 0x412 tag,\" which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to \"phase one 0x412 tag,\" which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2015-3/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8096",
"datePublished": "2015-11-09T16:00:00",
"dateReserved": "2015-11-09T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5359 (GCVE-0-2013-5359)
Vulnerability from nvd – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5359",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5358 (GCVE-0-2013-5358)
Vulnerability from nvd – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5358",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5357 (GCVE-0-2013-5357)
Vulnerability from nvd – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5357",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5349 (GCVE-0-2013-5349)
Vulnerability from nvd – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5349",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2747 (GCVE-0-2011-2747)
Vulnerability from nvd – Published: 2011-07-28 18:00 – Updated: 2024-08-06 23:08
VLAI?
Summary
Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "73980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73980",
"refsource": "OSVDB",
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45293"
},
{
"name": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1",
"refsource": "MISC",
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"name": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx",
"refsource": "MISC",
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2747",
"datePublished": "2011-07-28T18:00:00",
"dateReserved": "2011-07-14T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0458 (GCVE-0-2011-0458)
Vulnerability from nvd – Published: 2011-03-28 16:00 – Updated: 2024-08-06 21:51
VLAI?
Summary
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "google-picasa-dll-code-execution(66295)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "google-picasa-dll-code-execution(66295)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-0458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "google-picasa-dll-code-execution(66295)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"refsource": "OSVDB",
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-0458",
"datePublished": "2011-03-28T16:00:00",
"dateReserved": "2011-01-14T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4847 (GCVE-0-2007-4847)
Vulnerability from nvd – Published: 2007-09-12 20:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"refsource": "OSVDB",
"url": "http://osvdb.org/40565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4847",
"datePublished": "2007-09-12T20:00:00",
"dateReserved": "2007-09-12T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4824 (GCVE-0-2007-4824)
Vulnerability from nvd – Published: 2007-09-11 19:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"refsource": "OSVDB",
"url": "http://osvdb.org/45900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4824",
"datePublished": "2007-09-11T19:00:00",
"dateReserved": "2007-09-11T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4823 (GCVE-0-2007-4823)
Vulnerability from nvd – Published: 2007-09-11 19:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"refsource": "OSVDB",
"url": "http://osvdb.org/45901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4823",
"datePublished": "2007-09-11T19:00:00",
"dateReserved": "2007-09-11T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8221 (GCVE-0-2015-8221)
Vulnerability from cvelistv5 – Published: 2015-11-17 15:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2015-5/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2015-5/"
},
{
"name": "20151111 Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536878/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8221",
"datePublished": "2015-11-17T15:00:00",
"dateReserved": "2015-11-17T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8096 (GCVE-0-2015-8096)
Vulnerability from cvelistv5 – Published: 2015-11-09 16:00 – Updated: 2024-08-06 08:13
VLAI?
Summary
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to \"phase one 0x412 tag,\" which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to \"phase one 0x412 tag,\" which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2015-3/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2015-3/"
},
{
"name": "20151026 Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536761/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8096",
"datePublished": "2015-11-09T16:00:00",
"dateReserved": "2015-11-09T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5358 (GCVE-0-2013-5358)
Vulnerability from cvelistv5 – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5358",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5349 (GCVE-0-2013-5349)
Vulnerability from cvelistv5 – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5349",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5357 (GCVE-0-2013-5357)
Vulnerability from cvelistv5 – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5357",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5359 (GCVE-0-2013-5359)
Vulnerability from cvelistv5 – Published: 2014-01-09 00:00 – Updated: 2024-08-06 17:06
VLAI?
Summary
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-08T23:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "55555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55555"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.google.com/picasa/answer/53209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-5359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55555"
},
{
"name": "http://secunia.com/secunia_research/2013-14/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2013-14/"
},
{
"name": "1029527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029527"
},
{
"name": "https://support.google.com/picasa/answer/53209",
"refsource": "CONFIRM",
"url": "https://support.google.com/picasa/answer/53209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2013-5359",
"datePublished": "2014-01-09T00:00:00",
"dateReserved": "2013-08-21T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2747 (GCVE-0-2011-2747)
Vulnerability from cvelistv5 – Published: 2011-07-28 18:00 – Updated: 2024-08-06 23:08
VLAI?
Summary
Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "73980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73980",
"refsource": "OSVDB",
"url": "http://osvdb.org/73980"
},
{
"name": "google-picasa-jpeg-code-exec(68735)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68735"
},
{
"name": "45293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45293"
},
{
"name": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1",
"refsource": "MISC",
"url": "http://picasa.google.com/support/bin/static.py?hl=en\u0026page=release_notes.cs\u0026from=53209\u0026rd=1"
},
{
"name": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx",
"refsource": "MISC",
"url": "http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2747",
"datePublished": "2011-07-28T18:00:00",
"dateReserved": "2011-07-14T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0458 (GCVE-0-2011-0458)
Vulnerability from cvelistv5 – Published: 2011-03-28 16:00 – Updated: 2024-08-06 21:51
VLAI?
Summary
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "google-picasa-dll-code-execution(66295)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "google-picasa-dll-code-execution(66295)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-0458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "google-picasa-dll-code-execution(66295)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66295"
},
{
"name": "43853",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43853"
},
{
"name": "47031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47031"
},
{
"name": "ADV-2011-0766",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0766"
},
{
"name": "JVN#99977321",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN99977321/index.html"
},
{
"name": "71281",
"refsource": "OSVDB",
"url": "http://osvdb.org/71281"
},
{
"name": "JVNDB-2011-000022",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-0458",
"datePublished": "2011-03-28T16:00:00",
"dateReserved": "2011-01-14T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4847 (GCVE-0-2007-4847)
Vulnerability from cvelistv5 – Published: 2007-09-12 20:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "40565",
"refsource": "OSVDB",
"url": "http://osvdb.org/40565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4847",
"datePublished": "2007-09-12T20:00:00",
"dateReserved": "2007-09-12T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4824 (GCVE-0-2007-4824)
Vulnerability from cvelistv5 – Published: 2007-09-11 19:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45900",
"refsource": "OSVDB",
"url": "http://osvdb.org/45900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4824",
"datePublished": "2007-09-11T19:00:00",
"dateReserved": "2007-09-11T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4823 (GCVE-0-2007-4823)
Vulnerability from cvelistv5 – Published: 2007-09-11 19:00 – Updated: 2024-08-07 15:08
VLAI?
Summary
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:08:33.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/"
},
{
"name": "45901",
"refsource": "OSVDB",
"url": "http://osvdb.org/45901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4823",
"datePublished": "2007-09-11T19:00:00",
"dateReserved": "2007-09-11T00:00:00",
"dateUpdated": "2024-08-07T15:08:33.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2011-000022
Vulnerability from jvndb - Published: 2011-03-28 08:11 - Updated:2011-03-28 08:11Summary
Picasa may insecurely load executable files
Details
Picasa may use unsafe methods for determining how to load executables (.exe)
Picasa is a software for viewing and managing photos. Picasa loads certain executables when using the "Locate on Disk" function. Picasa contains an issue with the file search path, which may insecurely load executables.
Makoto Shiotsuki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000022.html",
"dc:date": "2011-03-28T08:11+09:00",
"dcterms:issued": "2011-03-28T08:11+09:00",
"dcterms:modified": "2011-03-28T08:11+09:00",
"description": "Picasa may use unsafe methods for determining how to load executables (.exe)\r\n\r\nPicasa is a software for viewing and managing photos. Picasa loads certain executables when using the \"Locate on Disk\" function. Picasa contains an issue with the file search path, which may insecurely load executables.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000022.html",
"sec:cpe": {
"#text": "cpe:/a:google:picasa",
"@product": "Picasa",
"@vendor": "Google",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000022",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN99977321/index.html",
"@id": "JVN#99977321",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0458",
"@id": "CVE-2011-0458",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0458",
"@id": "CVE-2011-0458",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/43853",
"@id": "SA43853",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/47031",
"@id": "47031",
"@source": "BID"
},
{
"#text": "http://www.vupen.com/english/advisories/2011/0766",
"@id": "VUPEN/ADV-2011-0766",
"@source": "VUPEN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Picasa may insecurely load executable files"
}