Vulnerability Details CVE-2015-8221
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.249
EPSS Ranking 96.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html
- http://secunia.com/secunia_research/2015-5/
- http://www.securityfocus.com/archive/1/536878/100/0/threaded
- http://packetstormsecurity.com/files/134315/Google-Picasa-CAMF-Section-Integer-Overflow.html
- http://secunia.com/secunia_research/2015-5/
- http://www.securityfocus.com/archive/1/536878/100/0/threaded
Products affected by CVE-2015-8221
-
cpe:2.3:a:google:picasa:-
-
cpe:2.3:a:google:picasa:3.6
-
cpe:2.3:a:google:picasa:3.8
-
cpe:2.3:a:google:picasa:3.9.0
-
cpe:2.3:a:google:picasa:3.9.140