Vulnerability Description
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Corel | Paint Shop Pro | 8.10 |
Related Weaknesses (CWE)
References
- http://aluigi.freeforums.org/post8780.html
- http://osvdb.org/60592
- http://secunia.com/advisories/37591Vendor Advisory
- http://www.packetstormsecurity.org/0912-exploits/jasc-overflow.txt
- http://www.securityfocus.com/bid/37204Exploit
- http://www.vupen.com/english/advisories/2009/3418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54551
- http://aluigi.freeforums.org/post8780.html
- http://osvdb.org/60592
- http://secunia.com/advisories/37591Vendor Advisory
- http://www.packetstormsecurity.org/0912-exploits/jasc-overflow.txt
- http://www.securityfocus.com/bid/37204Exploit
- http://www.vupen.com/english/advisories/2009/3418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54551
FAQ
What is CVE-2009-4251?
CVE-2009-4251 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same...
How severe is CVE-2009-4251?
CVE-2009-4251 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4251?
Check the references section above for vendor advisories and patch information. Affected products include: Corel Paint Shop Pro.