14 DAY TRIAL // ACDSee is a famous suite of photo manipulation utilities which are currently installed on numerous computers all over the world. But the subject of this piece of news is not the pack itself but some vulnerabilities which were discovered and reported by security company Secunia today. In fact, AcdSee acknowledged the flaws and already issued a fix to patch them. According to Secunia, the affected software solutions are ACDSee Photo Manager version 9.0 build 108, ACDSee Pro Photo Manager version 8.1 build 99 and ACDSee Photo Editor version 4.0 build 195.
"An input validation error within ID_PSP.apl when processing PSP image files can be exploited to cause a heap-based buffer overflow via a specially crafted PSP image file," Secunia wrote in the description of the first glitch. "An integer overflow error within ID_PSP.apl when processing PSP image files can be exploited to cause a heap-based buffer overflow via a specially crafted PSP image file," the second one reads.
Secunia rated the flaw as highly critical and added that a successful exploitation of the flaw could enable an attacker to compromise the affected system.
ACDSee confirmed the reports, mentioning that "successful exploitation allows execution of arbitrary code." In addition, the parent company urged all the users to install the patch in order to avoid encountering problems with the flaws. "To fix this security issue customers should apply the update immediately."
ACDSee is a company focused on numerous photo manipulation and organization utilities, which addresses both beginners and professional users. For example, the inexperienced users can try ACDSee Photo Manager, ACDSee Photo Editor, FotoSlate 4 Photo Print Studio or Real Optimizer 2, while the pros can install ACDSee Pro 2, Stitcher Express 2.0, Crumpler Camera Bag Bundle or TurboFlix.
In addition, the employees can buy Canvas for both Windows and Mac, a solution which can be bought as a standalone product but also with the GIS Module.