Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Picasa
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8221 1 Google 1 Picasa 2024-11-21 10.0 HIGH N/A
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
CVE-2015-8096 1 Google 1 Picasa 2024-11-21 10.0 HIGH N/A
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.
CVE-2013-5359 1 Google 1 Picasa 2024-11-21 7.5 HIGH N/A
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size.
CVE-2013-5358 1 Google 1 Picasa 2024-11-21 7.5 HIGH N/A
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags.
CVE-2013-5357 1 Google 1 Picasa 2024-11-21 7.5 HIGH N/A
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag.
CVE-2013-5349 1 Google 1 Picasa 2024-11-21 7.5 HIGH N/A
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size.
CVE-2011-2747 1 Google 1 Picasa 2024-11-21 9.3 HIGH N/A
Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute arbitrary code via a crafted image file.
CVE-2011-0458 1 Google 1 Picasa 2024-11-21 6.9 MEDIUM N/A
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVE-2007-4847 1 Google 1 Picasa 2024-11-21 5.0 MEDIUM N/A
Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory.
CVE-2007-4824 1 Google 1 Picasa 2024-11-21 6.8 MEDIUM N/A
Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
CVE-2007-4823 1 Google 1 Picasa 2024-11-21 7.5 HIGH N/A
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.