CVE-2011-2747 Information

Description

Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images which allows remote attackers to execute arbitrary code via a crafted image file.

Reference

http://osvdb.org/73980 http://picasa.google.com/support/bin/static.py?hl=en&page=release_notes.cs&from=53209&rd=1 http://secunia.com/advisories/45293 http://www.microsoft.com/technet/security/advisory/msvr11-008.mspx https://exchange.xforce.ibmcloud.com/vulnerabilities/68735