Signature Detail

HTTP: Adobe Photoshop CS4 Multipe File Parsing Buffer Overflow

This signature detects attempts to exploit a known code execution vulnerability in Adobe Photoshop CS4. It is due to an input validation error while processing ABR (brush) and other graphics files such as ASL and GRD. Remote attackers can exploit this by enticing the target user to open a malicious ABR file. A successful attack can cause a heap buffer overflow that can lead to arbitrary code execution in the security context of the logged in user, or terminate the application resulting in a denial-of-service condition.

Extended Description

Adobe Photoshop is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit these issues to execute arbitrary code in the context of the currently logged-in user. Successful exploits will compromise the affected application and possibly the underlying computer. Failed exploit attempts may cause a denial-of-service condition. Adobe Photoshop CS4 11.01 is vulnerable; other versions may also be affected.

Affected Products

• Adobe Photoshop CS
• Adobe Photoshop CS2
• Adobe Photoshop CS3
• Adobe Photoshop CS4
• Adobe Photoshop CS4 11.0.0
• Adobe Photoshop CS4 11.0.1
• Adobe Photoshop CS3 10.0

References

• BugTraq: 40389
• CVE: CVE-2010-1296