cpe:/a:acdsee:photo_editor:4.0:build_195 cpe:/a:acdsee:photo_manager:9.0:build_108 cpe:/a:acdsee:pro_photo_manager:8.1:build_99 CVE-2007-4344 2007-11-15T17:46:00.000-05:00 2011-03-07T21:58:24.297-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-11-16T10:04:00.000-05:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20071102 Secunia Research: ACDSee Products Image and Archive Plug-insBuffer Overflows SECUNIA 25952 BID 26297 SREASON 3367 VUPEN ADV-2007-3695 MISC http://secunia.com/secunia_research/2007-73/advisory/ CONFIRM http://www.acdsee.com/support/knowledgebase/article?id=2800 Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in or (2) an LHA archive to the AM_LHA.apl plug-in, resulting in a heap-based buffer overflow.