An memory corruption vulnerability exists in the .PSD parsing functionality of ACD Systems International Inc. ACDSee Ultimate 10. An attacker can build a specially crafted PSD file that uses this bug to trigger a memory corruption. A byte value is taken directly from the .PSD file and used later as a size argument to the C++ memmove function. An attacker can use this to overwrite large parts of memory to crash the application or potentially even execute arbitrary code by overwriting critical control flow structures. For additional information, please see the advisory here.

The following Snort Rules will detect exploitation attempts of this vulnerability. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your FireSIGHT Management Center or Snort.org

Snort rules: 43862-43863