Vulnerabilities > CVE-2021-26026 - Incorrect Authorization vulnerability in Acdsee Photo Studio 2021 14.0

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

acdsee

CWE-863

NVD

Published: 2021-01-26

Updated: 2021-02-03

Summary

PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.

Vulnerable Configurations

Part	Description	Count
Application	Acdsee Acdsee Photo Studio 2021 14.0	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://github.com/secluck/pentest/blob/main/000033.md