CVE-2015-8096 Information

Description

Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to \phase one 0x412 tag\ which triggers a heap-based buffer overflow.

Reference

http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html http://secunia.com/secunia_research/2015-3/ http://www.securityfocus.com/archive/1/536761/100/0/threaded