April 26, 2007 9:31 AM PDT

Exploit code released for Adobe Photoshop flaw

Exploit code released for Adobe Photoshop flaw
Related Stories

Adobe adds new Photoshop flavor with CS3

March 7, 2007

Adobe flaw puts PCs at risk

June 13, 2005
Exploit code that could take advantage of a "highly critical" security flaw in the most recent versions of Adobe Photoshop has been published, a security researcher reported.

The security flaw affects Adobe Photoshop Creative Suite 3, as well as CS2, according to a security advisory issued by Secunia on Wednesday.

The vulnerability concerns the way Adobe Photoshop handles the processing of malicious bitmap files, such as .bmp, .dib and .rle. A malicious attacker could exploit the flaw to launch a buffer overflow attack. That buffer overflow would then allow the intruder to take over a user's system.

Although a security researcher has published code to demonstrate how to exploit the vulnerability, Secunia has yet to detect any malicious use of the code, said Thomas Kristensen, Secunia's chief technology officer.

"There are no active exploits out there yet, but any attacks will be limited," Kristensen said. "Photoshop is primarily used by advertising agencies and image editors and not a lot of private individuals."

Until Adobe Systems develops a fix, Secunia advises users to forgo opening bitmap files where the source of the file is not clear or verifiable.

A researcher named Marsu is credited with discovering the vulnerability.

Adobe, meanwhile, issued a statement saying it has been notified of the potential Photoshop security flaw and is investigating the issue.

Adobe recently released Photoshop CS3, which was part of its larger Creative Suite 3 product line, or next-generation design and Web applications. Adobe noted that it will update customers on its Photoshop CS3 investigation as it learns more.

See more CNET content tagged:
Adobe PhotoShop, security flaw, Adobe Systems Inc., researcher, flaw

7 comments

Join the conversation!
Add your comment
Article is severly lacking.
C/Net is leaving out some critical information yet again.

Which PhotoShop platform does this effect?

Mac? Windows? or Both?

Of Adobe's total sales, slightly less than 50% are for the Mac
platform. I don't know what it is just for PhotoShop alone.

Since the percentage of Mac to Windows is somewhat greater for
PhotoShop users than the standard 5/95 ratio for computer
users in general, you'd think the affected operating system
would be mentioned at least once.
Posted by Sparky672 (244 comments )
Reply Link Flag
Also lacking...
Three bitmap filetypes are mentioned, .bmp, .dib and .rle. Are these the only types affected? If so perhaps it's not such a big deal, especially for Mac users (if the exploit works on Macs too) as those aren't used that much in serious Photoshop work.
Posted by MadKiwi (153 comments )
Link Flag
Also lacking...
Three bitmap filetypes are mentioned, .bmp, .dib and .rle. Are these the only types affected? If so perhaps it's not such a big deal, especially for Mac users (if the exploit works on Macs too) as those aren't used that much in serious Photoshop work.
Posted by MadKiwi (153 comments )
Link Flag
CNET conveniently forgets to mention it's a WINDOWS problem..!
What lame reporting CNET has done again, took me 2 clicks to find the truth about the exploit but CNET doesn't even bother to mention in the article what OS this exploit affects..

<a class="jive-link-external" href="http://milw0rm.com/exploits/3793" target="_newWindow">http://milw0rm.com/exploits/3793</a>

* This sploit runs calc.exe.
* Tested against Win XP SP2 FR.
* Have Fun!

CNET = "The National Enquirer"
Posted by imacpwr (456 comments )
Reply Link Flag
This is Cnet folks.
If it affected Macs, you can be sure they'd mention it. Since it
doesn't, they forget to tell us what platforms it affects.
Posted by Macsaresafer (802 comments )
Link Flag
Don't be so sure
This is just an expoit example where "Marsu" chose to use Calc to prove it could run anything, yet make it harmless at the same time. Chances are "Marsu" hasn't even got a Mac to test it on...

Next time, read your source.
Posted by Siegfried Schtauffen (269 comments )
Link Flag
talkback
where is it and what will it do or not do ? Seems strange they waited so long. Thanks for the post. I need all the info I can get in my head.

Thanks
~vjp~
Posted by vp33 (3 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.