Summary
This host is installed with Adobe Photoshop and is prone to Buffer Overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code within the context of the affected application or cause denial of service.
Impact Level: Application/System
Solution
Upgrade to Adobe Photoshop CS4 11.0.2 or later,
For updates refer to http://www.adobe.com/downloads/
Insight
This flaw is caused by improper bounds checking on user-supplied data, which could allow a remote attacker to execute arbitrary code on the system by persuading a victim to open a specially-crafted 'ASL', '.ABR', or '.GRD' file.
Affected
Adobe Photoshop CS4 before 11.0.2
References
- http://www.adobe.com/support/security/bulletins/apsb10-13.html
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4938.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4939.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4940.php
- http://xforce.iss.net/xforce/xfdb/58888
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-1296 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
- BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability
- Adobe Flash CS3 SWF Processing Buffer Overflow Vulnerabilities
- Alpine tmail and dmail Buffer Overflow Vulnerabilities (Win)
- Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability