Threat Level: green Handler on Duty: Tom Webb

SANS ISC: Buffer Overflows In Adobe Products - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Buffer Overflows In Adobe Products
Seems as if there is a Buffer Overflow in multiple Adobe products.  According to the exploit the following products are affected:

The PNG exploit affects:
 -Photoshop CS2                                                         
-Photoshop CS3
-Photoshop Elements 5.0
-Corel Paint Shop Pro 11.20

And the Bitmap exploit affects:

 -Photoshop CS2                                                         
-Photoshop CS3
The solutions for these exploits, basically, is not to open untrusted .png, .bmp, .dib, or .rle files.   The possibility for remote shells and command execution do exist.   So be cautious.  I am sure there will be more to come.

Joel Esler
http://handlers.sans.org/jesler


Joel

454 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!