Adobe Photoshop - Malicious BMP Files Vulnerability
Posted
Thursday, April 26, 2007 1:39 PM
by
hwaldron
Working exploits have surfaced for a critical security issue related to version CS2 and CS3 for Adobe Photoshop. Users should avoid all untrusted Bitmap files in email or weblinks
Adobe Photoshop - Malicious BMP Files Vulnerability
http://secunia.com/advisories/25023/
QUOTE: Marsu has reported a vulnerability in Adobe Photoshop, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the handling of Bitmap files (e.g. .BMP, .DIB, .RLE) and can be exploited to cause a stack-based buffer overflow via a specially crafted Bitmap file. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in Adobe Photoshop CS2 and CS3. Other versions may also be affected.