Short Name |
HTTP:STC:ADOBE:PS-CS4-MULTI-BO |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Photoshop CS4 Multipe File Parsing Buffer Overflow |
Release Date |
2010/10/25 |
Update Number |
1799 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known code execution vulnerability in Adobe Photoshop CS4. It is due to an input validation error while processing ABR (brush) and other graphics files such as ASL and GRD. Remote attackers can exploit this by enticing the target user to open a malicious ABR file. A successful attack can cause a heap buffer overflow that can lead to arbitrary code execution in the security context of the logged in user, or terminate the application resulting in a denial-of-service condition.
Adobe Photoshop is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit these issues to execute arbitrary code in the context of the currently logged-in user. Successful exploits will compromise the affected application and possibly the underlying computer. Failed exploit attempts may cause a denial-of-service condition. Adobe Photoshop CS4 11.01 is vulnerable; other versions may also be affected.