Summary
This host is installed with Adobe Photoshop and is prone to Buffer Overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code within the context of the affected application or cause denial of service.
Impact Level: Application/System
Solution
Upgrade to Adobe Photoshop CS4 11.0.2 or later,
For updates refer to http://www.adobe.com/downloads/
Insight
This flaw is caused by improper bounds checking on user-supplied data, which could allow a remote attacker to execute arbitrary code on the system by persuading a victim to open a specially-crafted 'ASL', '.ABR', or '.GRD' file.
Affected
Adobe Photoshop CS4 before 11.0.2
References
- http://www.adobe.com/support/security/bulletins/apsb10-13.html
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4938.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4939.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4940.php
- http://xforce.iss.net/xforce/xfdb/58888
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-1296 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- 3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
- Citrix Provisioning Services 'streamprocess.exe' Component Remote Code Execution Vulnerability
- Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
- BreakPoint Software, Hex Workshop Buffer Overflow vulnerability
- BaoFeng Storm '.smpl' File Buffer Overflow Vulnerability