The focus of this is for the Photoshop Elements software as
it is more
common with home users than it's bigger sibling Photoshop.
Adobe Products PNG.8BI PNG File Handling Buffer Overflow
Secunia Advisory: SA25044
Release Date: 2007-04-30
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Adobe Photoshop CS2
Adobe Photoshop CS3
Adobe Photoshop Elements 5.x
Description:
Marsu has discovered a vulnerability in various Adobe
Products, which
can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused due to a boundary error within
the PNG.8BI
Photoshop Format Plugin when handling PNG files. This can be
exploited
to cause a stack-based buffer overflow via a specially
crafted PNG file.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in Adobe Photoshop CS2 and
Adobe
Photoshop Elements (Editor) version 5.0 for Windows and
reportedly
affects Adobe Photoshop CS3.
Solution:
Do not open untrusted PNG files.
Provided and/or discovered by:
Marsu
Original Advisory:
http://milw0rm.com/e
xploits/3812
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|
