漏洞描述
Google Picasa是美国谷歌(Google)公司的一套免费的图片管理工具。该工具可协助用户在计算机上查找、修改和共享图片。 Google Picasa在处理JPEG图像的实现上存在远程代码执行漏洞,远程攻击者可利用此漏洞以当前用户权限执行任意代码,造成拒绝服务。
Google Picasa JPEG图像处理远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- WordPress Google for WooCommerce /wp-content/plugins/google-listings-and-ads/vendor/googleads/google-ads-php/scripts/print_php_information.php 信息泄露漏洞(CVE-2024-10486)
- POC CVE-2010-1306: Joomla! Component Picasa 2.0 - Local File Inclusion
- POC CVE-2010-2507: Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion
- POC CVE-2015-2755: WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting
- POC CVE-2017-18556: Google Analytics by BestWebSoft < 1.7.1 - Cross-Site Scripting
- POC CVE-2017-18557: Google Maps by BestWebSoft < 1.3.6 - Cross-Site Scripting
- POC CVE-2018-3810: Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass
- POC CVE-2019-10692: WordPress Google Maps <7.11.18 - SQL Injection
- POC CVE-2019-9912: WP Google Maps < 7.10.43 - Cross-Site Scripting
- POC CVE-2022-0346: WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution
- POC CVE-2023-32117: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints
- POC CVE-2023-6697: WP Go Maps (formerly WP Google Maps) < 9.0.29 - Cross-Site Scripting
- POC CVE-2024-0250: Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect