The folks at Secunia discovered a vulnerability in Picasa which can be exploited by malicious people to potentially compromise a user’s system.
According to them , the vulnerability is caused due to an integer overflow error in PicasaPhotoViewer.exe when processing JPEG files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted JPEG file and e.g. zooming in.
Successful exploitation may allow execution of arbitrary code.The vulnerability is confirmed in PicasaPhotoViewer.exe version 188.8.131.52, included in Google Picasa 3.6 build 95.25. Prior versions may also be affected.
To be on the safer side, update your Picasa version to 3.6 build 105.41.