myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Adobe Photoshop - Unpatched BMP image vulnerability

Adobe Photoshop - Unpatched BMP image vulnerability

Adobe is working to promptly correct this security issue.  Users should be careful in loading image files into the Photoshop environment (esp. from email, USB devices, or any other untrusted sources)

Adobe Products BMP Handling Buffer Overflow Vulnerability 
http://secunia.com/advisories/29838/

QUOTE: Successful exploitation may allow execution of arbitrary code via a specially crafted BMP file. Reportedly, the vulnerability can also be exploited when a malicious storage device (e.g. USB drives, cameras) is being attached to a vulnerable computer. The vulnerability is reported in Adobe Photoshop Album Starter Edition 3.2 and Adobe After Effects CS3. Other versions may also be affected.

Solution: Do not process untrusted BMP files using the affected applications. Do not connect untrusted storage devices to the local computer.

Original Advisory - Adobe:
http://www.adobe.com/support/security/advisories/apsa08-04.html
http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0551.html

Published Apr 22 2008, 03:47 PM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems