CVE-2009-4251

Опубликовано: 10 дек. 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.

Ссылки

http://aluigi.freeforums.org/post8780.html
http://osvdb.org/60592
http://secunia.com/advisories/37591
Vendor Advisory
http://www.packetstormsecurity.org/0912-exploits/jasc-overflow.txt
http://www.securityfocus.com/bid/37204
Exploit
http://www.vupen.com/english/advisories/2009/3418
https://exchange.xforce.ibmcloud.com/vulnerabilities/54551
http://aluigi.freeforums.org/post8780.html
http://osvdb.org/60592
http://secunia.com/advisories/37591
Vendor Advisory
http://www.packetstormsecurity.org/0912-exploits/jasc-overflow.txt
http://www.securityfocus.com/bid/37204
Exploit
http://www.vupen.com/english/advisories/2009/3418
https://exchange.xforce.ibmcloud.com/vulnerabilities/54551

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:corel:paint_shop_pro:8.10:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07815

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-296h-f7c6-qrvp

github

больше 3 лет назад