CVE-2015-8221

CWE-119 — Buffer Overflow CWE-1893 documents3 sources

Severity

10.0CRITICAL

EPSS

24.9%

top 3.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Picasa

Timeline

PublishedNov 17

Latest updateMay 14

Description

Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDgoogle/picasa3.9.140

🔴Vulnerability Details

GHSA

GHSA-v2fh-3p9g-5253: Integer overflow in Google Picasa before 3↗2022-05-14

▶

CVEList

CVE-2015-8221: Integer overflow in Google Picasa before 3↗2015-11-17

▶