Signature Detail
Short Name |
HTTP:STC:ADOBE:PS-PNG-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Products PNG File Handling Stack Buffer Overflow |
Release Date |
2010/10/07 |
Update Number |
1787 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Products PNG File Handling Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Adobe Photoshop. A successful attack can lead to arbitrary code execution.
Extended Description
Multiple image editors are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary machine code in the context of a vulnerable application. Failed exploit attempts likely result in denial-of-service conditions. The following are vulnerable: Adobe Photoshop CS2, CS3, and Elements 5.0 Corel Paint Shop Pro 11.20 Other versions may also be affected.
Affected Products
- Adobe GoLive 9
- Adobe Illustrator CS3
- Adobe Photoshop CS2
- Adobe Photoshop CS3
- Adobe Photoshop Elements 5.0
- Corel Paint Shop Pro Photo 11.20
References
- BugTraq: 23698
- CVE: CVE-2007-2365