Vulnerability Details CVE-2019-12810
A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execution. By persuading a victim to open a specially-crafted .PSD file, an attacker could execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2019-12810
-
cpe:2.3:a:estsoft:alsee:5.3
-
cpe:2.3:a:estsoft:alsee:6.20.0.1
-
cpe:2.3:a:estsoft:alsee:8.0
-
cpe:2.3:a:estsoft:alsee:8.1
-
cpe:2.3:a:estsoft:alsee:8.12
-
cpe:2.3:a:estsoft:alsee:8.13
-
cpe:2.3:a:estsoft:alsee:8.2
-
cpe:2.3:a:estsoft:alsee:8.21
-
cpe:2.3:a:estsoft:alsee:8.22
-
cpe:2.3:a:estsoft:alsee:8.23
-
cpe:2.3:a:estsoft:alsee:8.24
-
cpe:2.3:a:estsoft:alsee:8.25
-
cpe:2.3:a:estsoft:alsee:8.26
-
cpe:2.3:a:estsoft:alsee:8.27
-
cpe:2.3:a:estsoft:alsee:8.28
-
cpe:2.3:a:estsoft:alsee:8.29
-
cpe:2.3:a:estsoft:alsee:8.30
-
cpe:2.3:a:estsoft:alsee:8.31
-
cpe:2.3:a:estsoft:alsee:8.32
-
cpe:2.3:a:estsoft:alsee:8.33
-
cpe:2.3:a:estsoft:alsee:8.34
-
cpe:2.3:a:estsoft:alsee:8.35
-
cpe:2.3:a:estsoft:alsee:8.36
-
cpe:2.3:a:estsoft:alsee:8.37
-
cpe:2.3:a:estsoft:alsee:8.38
-
cpe:2.3:a:estsoft:alsee:8.39
-
cpe:2.3:o:microsoft:windows:-