Stack-Based Buffer Overflow in Photodex ProShow Producer by Photodex
CVE-2012-10051

8.4HIGH

Key Information:

Vendor

Photodex Corporation

Status
Proshow Producer
Vendor
CVE Published:
8 August 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2012-10051?

Photodex ProShow Producer version 5.0.3256 is susceptible to a stack-based buffer overflow that arises from improper validation of plugin load list files. When a maliciously crafted load file is placed in the installation directory, it can cause a buffer overflow during the application's startup sequence. For exploitation, an attacker requires local access to place the crafted file and user interaction to launch the application, thus invoking the vulnerable functionality.

Affected Version(s)

ProShow Producer 5.0.3256

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2012-10051 - Proof of Concept

CVE-2012-10051 - Proof of Concept

CVE-2012-10051 - Proof of Concept

References

https://raw.githubusercontent.com/rapid7/metasploit-frame...
exploit
https://www.exploit-db.com/exploits/19563
exploit
https://www.exploit-db.com/exploits/20109
exploit

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Julien Ahrens
.
CVE-2012-10051 : Stack-Based Buffer Overflow in Photodex ProShow Producer by Photodex