Exploit code released for Adobe Photoshop flaw

Exploit code that could take advantage of a "highly critical" security flaw in the most recent versions of Adobe Photoshop has been published, a security researcher reported.

The security flaw affects Adobe Photoshop Creative Suite 3, as well as CS2, according to a security advisory issued by Secunia on Wednesday.

The vulnerability concerns the way Adobe Photoshop handles the processing of malicious bitmap files, such as .bmp, .dib and .rle. A malicious attacker could exploit the flaw to launch a buffer overflow attack. That buffer overflow would then allow the intruder to take over a user's system.

Although a security researcher has published code to demonstrate how to exploit the vulnerability, Secunia has yet to detect any malicious use of the code, said Thomas Kristensen, Secunia's chief technology officer.

"There are no active exploits out there yet, but any attacks will be limited," Kristensen said. "Photoshop is primarily used by advertising agencies and image editors and not a lot of private individuals."

Until Adobe Systems develops a fix, Secunia advises users to forgo opening bitmap files where the source of the file is not clear or verifiable.

A researcher named Marsu is credited with discovering the vulnerability.

Adobe, meanwhile, issued a statement saying it has been notified of the potential Photoshop security flaw and is investigating the issue.

Adobe recently released Photoshop CS3, which was part of its larger Creative Suite 3 product line, or next-generation design and Web applications. Adobe noted that it will update customers on its Photoshop CS3 investigation as it learns more.

[Sparky672]

Article is severly lacking.

C/Net is leaving out some critical information yet again.

Which PhotoShop platform does this effect?

Mac? Windows? or Both?

Of Adobe's total sales, slightly less than 50% are for the Mac
platform. I don't know what it is just for PhotoShop alone.

Since the percentage of Mac to Windows is somewhat greater for
PhotoShop users than the standard 5/95 ratio for computer
users in general, you'd think the affected operating system
would be mentioned at least once.

[MadKiwi]

Also lacking...

Three bitmap filetypes are mentioned, .bmp, .dib and .rle. Are these the only types affected? If so perhaps it's not such a big deal, especially for Mac users (if the exploit works on Macs too) as those aren't used that much in serious Photoshop work.

[MadKiwi]

Also lacking...

Three bitmap filetypes are mentioned, .bmp, .dib and .rle. Are these the only types affected? If so perhaps it's not such a big deal, especially for Mac users (if the exploit works on Macs too) as those aren't used that much in serious Photoshop work.

[imacpwr]

CNET conveniently forgets to mention it's a WINDOWS problem..!

What lame reporting CNET has done again, took me 2 clicks to find the truth about the exploit but CNET doesn't even bother to mention in the article what OS this exploit affects..

http://milw0rm.com/exploits/3793

* This sploit runs calc.exe.
* Tested against Win XP SP2 FR.
* Have Fun!

CNET = "The National Enquirer"

[Macsaresafer]

This is Cnet folks.

If it affected Macs, you can be sure they'd mention it. Since it
doesn't, they forget to tell us what platforms it affects.

[Siegfried Schtauffen]

Don't be so sure

This is just an expoit example where "Marsu" chose to use Calc to prove it could run anything, yet make it harmless at the same time. Chances are "Marsu" hasn't even got a Mac to test it on...

Next time, read your source.

[vp33]

talkback

where is it and what will it do or not do ? Seems strange they waited so long. Thanks for the post. I need all the info I can get in my head.

Thanks
~vjp~