The host is installed with Google Picasa 3.9.140 Build 239 or 3.9.140 Build 248 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle phase one 0x412 tag. Successful exploitation allows attackers to execute arbitrary code.