Security readout for executives and security teams
Plain-English summary
This is a local file-handling flaw in Photodex ProShow Producer 5.0.3256. If an attacker can place a specially crafted load-list file in the installation directory and a user starts the application, memory corruption can occur with high confidentiality, integrity, and availability impact.
Executive priority
Treat as a high-priority legacy software risk where the product is still installed. The main business decision is whether any remaining use justifies keeping a locally exploitable, publicly documented vulnerable application.
Technical view
The CVE describes a CWE-121 stack-based buffer overflow during parsing of plugin load list files at startup. Attack prerequisites are local file placement and user-assisted launch. Public exploit references exist, but the bundle does not show CISA KEV listing or confirmed active exploitation.
Likely exposure
Exposure appears limited to systems still running Photodex ProShow Producer 5.0.3256. The bundle does not confirm other affected versions, enterprise deployment prevalence, or vendor-supported patch availability.
Exploitation context
Public exploit material is cited by Rapid7 Metasploit, Exploit-DB, and an archived advisory. The described attack is not remote-only; it requires local access to place a file and user interaction to launch the application.
Researcher notes
Do not assume remote exposure from the supplied evidence. The CVSS vector is local with user interaction. Public exploit references increase validation urgency, but active exploitation is not supported because KEV is false and no cited source in the bundle confirms active attacks.
Mitigation direction
- Inventory systems for Photodex ProShow Producer 5.0.3256.
- Remove or isolate unsupported legacy installations where business use is not required.
- Restrict write access to the application installation directory.
- Check vendor or trusted third-party guidance for replacement or upgrade options.
- Monitor endpoint controls for unexpected files in the installation directory.
Validation and detection
- Confirm installed ProShow Producer versions on Windows endpoints.
- Review installation directory ACLs for non-administrator write access.
- Search for plugin load list files in application directories.
- Verify application use is still business-required.
- Check EDR history for suspicious file creation near application startup.
Public sources used
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
CWE-121: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
Open ATT&CK lookupCVE-2012-10051 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
Open ATT&CK lookup- Severity
- High
- CVSS
- 8.4 (4.0)
- Known Exploited
- No
- Published
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CNA and ADP enrichment extracted from CVE v5
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
CVSS vector scores
1 official scoreWe collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N——Primary CVE scoreVulnerability scoring details
Base CVSS 4.0 score
8.4HighVector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Source materials
- CVE List V5 sourceCVE List V5
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/proshow_load_bof.rbCVE reference · exploit
- https://www.exploit-db.com/exploits/19563CVE reference · exploit
- https://www.exploit-db.com/exploits/20109CVE reference · exploit
- https://web.archive.org/web/20120727035341/http://security.inshell.net/advisory/30CVE reference · technical-description, exploit
- https://www.fortiguard.com/encyclopedia/ips/32753CVE reference · third-party-advisory
- https://erinkrespan.com/what-happened-to-photodex-proshow-producer/CVE reference
- https://archive.org/details/PhotodexProShowProducer7.0.3514Keymaker_20180127CVE reference · product
- https://www.vulncheck.com/advisories/photodex-proshow-producer-load-file-handling-buffer-overflowCVE reference · third-party-advisory
Products and packages named in the record
CWE details
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
Stack-based Buffer Overflow
Stack-based Buffer Overflow represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.
