QwikSec

Security Database

CVE

CWE

Training

CVE-2012-10051

Published: Aug 8, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application.

Vendor	Product	Versions
Photodex Corporation	ProShow Producer	affected `5.0.3256`

Weaknesses (CWE)

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/proshow_load_bof.rb

exploit

https://www.exploit-db.com/exploits/19563

exploit

https://www.exploit-db.com/exploits/20109

exploit

https://web.archive.org/web/20120727035341/http://security.inshell.net/advisory/30

technical-description

exploit

https://www.fortiguard.com/encyclopedia/ips/32753

third-party-advisory

https://erinkrespan.com/what-happened-to-photodex-proshow-producer/

https://archive.org/details/PhotodexProShowProducer7.0.3514Keymaker_20180127

product

https://www.vulncheck.com/advisories/photodex-proshow-producer-load-file-handling-buffer-overflow

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.