Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Picasa  >> 3.9.0  Security Vulnerabilities
CVE-2015-8221
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
CVSS Score
10.0
EPSS Score
0.249
Published
2015-11-17
CVE-2013-5349
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size.
CVSS Score
7.5
EPSS Score
0.026
Published
2014-01-09
CVE-2013-5357
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag.
CVSS Score
7.5
EPSS Score
0.026
Published
2014-01-09
CVE-2013-5358
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags.
CVSS Score
7.5
EPSS Score
0.007
Published
2014-01-09
CVE-2013-5359
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size.
CVSS Score
7.5
EPSS Score
0.026
Published
2014-01-09
CVE-2007-4847
Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory.
CVSS Score
5.0
EPSS Score
0.002
Published
2007-09-12
CVE-2007-4823
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
CVSS Score
7.5
EPSS Score
0.001
Published
2007-09-11
CVE-2007-4824
Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
CVSS Score
6.8
EPSS Score
0.001
Published
2007-09-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved