Summary
This host is installed with Adobe Photoshop and is prone to Insecure Library Loading vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code and conduct DLL hijacking attacks.
Impact Level: Application
Solution
Apply Adobe Photoshop 12.0.3 update for Adobe Photoshop CS5.
For updates refer to http://www.adobe.com/downloads/
Insight
The flaw is caused by application insecurely loading certain librairies from the current working directory, which could allow attackers to execute arbitrary code by tricking a user into opening a file from a network share.
Affected
Adobe Photoshop CS2 through CS5
References
Severity
Classification
-
CVE CVE-2010-3127 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities -01 May 13 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Mac OS X)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)