3 vulnerabilities by arcsoft
CVE-2023-53946 (GCVE-0-2023-53946)
Vulnerability from cvelistv5 – Published: 2025-12-19 21:05 – Updated: 2025-12-19 21:44
Title
Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation
Summary
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions.
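Severity
- CVSS 4.0: 8.5 (HIGH) – CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
- CVSS 3.1: 8.4 (HIGH) – CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The two vectors in the record disagree on privileges required (PR:L in the 4.0 vector, PR:N in the 3.1 vector); confirm which applies before using either score for prioritisation. The CISA ADP SSVC entry in the record lists Exploitation: none, Automatable: no, Technical Impact: total.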
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
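| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/51393 | exploit |
| https://www.arcsoft.com/ | product |
| https://www.vulncheck.com/advisories/arcsoft-photostudio-unquoted-service-path-privilege-escalation | third-party-advisory |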
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Arcsoft | PhotoStudio | Affected: 0, ≤ 6.0.0.172 (semver) |
Credits
msd0pe
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-53946",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T21:44:03.163620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T21:44:34.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PhotoStudio",
"vendor": "Arcsoft",
"versions": [
{
"lessThanOrEqual": "6.0.0.172",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "msd0pe"
}
],
"descriptions": [
{
"lang": "en",
"value": "Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T21:05:48.868Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51393",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51393"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.arcsoft.com/"
},
{
"name": "VulnCheck Advisory: Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/arcsoft-photostudio-unquoted-service-path-privilege-escalation"
}
],
"title": "Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-53946",
"datePublished": "2025-12-19T21:05:48.868Z",
"dateReserved": "2025-12-16T19:22:09.998Z",
"dateUpdated": "2025-12-19T21:44:34.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2006-4131 (GCVE-0-2006-4131)
Vulnerability from cvelistv5 – Published: 2006-08-14 23:00 – Updated: 2024-08-07 18:57
Summary
Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
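| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19451 | vdb-entry, x_refsource_BID |
| http://securityreason.com/securityalert/1387 | third-party-advisory, x_refsource_SREASON |
| https://www.exploit-db.com/exploits/2156 | exploit, x_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/442841/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
| http://www.arcsoft.com/support/downloads/download_patches/mms.asp | x_refsource_MISC |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html | mailing-list, x_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28342 | vdb-entry, x_refsource_XF |
| http://www.vupen.com/english/advisories/2006/3261 | vdb-entry, x_refsource_VUPEN |
| http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf | x_refsource_MISC |
| http://secunia.com/advisories/21426 | third-party-advisory, x_refsource_SECUNIA |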
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19451",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "1387",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"name": "mmscomposer-message-bo(28342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28342"
},
{
"name": "ADV-2006-3261",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3261"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19451",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "1387",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"name": "mmscomposer-message-bo(28342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28342"
},
{
"name": "ADV-2006-3261",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3261"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19451",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "1387",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"name": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp",
"refsource": "MISC",
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"name": "mmscomposer-message-bo(28342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28342"
},
{
"name": "ADV-2006-3261",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3261"
},
{
"name": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf",
"refsource": "MISC",
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4131",
"datePublished": "2006-08-14T23:00:00",
"dateReserved": "2006-08-14T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4132 (GCVE-0-2006-4132)
Vulnerability from cvelistv5 – Published: 2006-08-14 23:00 – Updated: 2024-08-07 18:57
Summary
ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port 2948.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
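| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19451 | vdb-entry, x_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28344 | vdb-entry, x_refsource_XF |
| http://securityreason.com/securityalert/1387 | third-party-advisory, x_refsource_SREASON |
| https://www.exploit-db.com/exploits/2156 | exploit, x_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/442841/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
| http://www.arcsoft.com/support/downloads/download_patches/mms.asp | x_refsource_MISC |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html | mailing-list, x_refsource_FULLDISC |
| http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf | x_refsource_MISC |
| http://secunia.com/advisories/21426 | third-party-advisory, x_refsource_SECUNIA |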
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19451",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "mmscomposer-wappush-dos(28344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28344"
},
{
"name": "1387",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19451",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "mmscomposer-wappush-dos(28344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28344"
},
{
"name": "1387",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19451",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19451"
},
{
"name": "mmscomposer-wappush-dos(28344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28344"
},
{
"name": "1387",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1387"
},
{
"name": "2156",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2156"
},
{
"name": "20060810 PocketPC MMS - Remote Code Injection/Execution Vulnerability andDenial-of-Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442841/100/0/threaded"
},
{
"name": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp",
"refsource": "MISC",
"url": "http://www.arcsoft.com/support/downloads/download_patches/mms.asp"
},
{
"name": "20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048614.html"
},
{
"name": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf",
"refsource": "MISC",
"url": "http://www.mulliner.org/pocketpc/CollinMulliner_defcon14_pocketpcphones.pdf"
},
{
"name": "21426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4132",
"datePublished": "2006-08-14T23:00:00",
"dateReserved": "2006-08-14T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}