From 0531523b372cc251a8391f5a12447d62f53916a9 Mon Sep 17 00:00:00 2001 From: luxagraf Date: Sun, 25 Oct 2015 08:45:11 -0400 Subject: initial commit --- .../Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 published/Webmonkey/Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt (limited to 'published/Webmonkey/Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt') diff --git a/published/Webmonkey/Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt b/published/Webmonkey/Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt new file mode 100644 index 0000000..f47a075 --- /dev/null +++ b/published/Webmonkey/Monkey_Bites/2007/04.30.07/Mon/photoshopflaws.txt @@ -0,0 +1,14 @@ +Photoshop isn't high on most people's list of ways to hijack a computer, but that doesn't mean it's immune to security risks. Two new flaws have recently been found in venerable photo editing program, including one that allows the execution of arbitrary code. + +The latest vulnerability, according to Secunia, a security research firm, is caused by a [boundary error in the PNG Photoshop Format Plugin][1]. The flaw has been confirmed in CS2 and is believed to affect the new CS3 as well. + +That news comes on heals of an announcement last week that a flaw in the way Adobe Photoshop handles Bitmap files leaves it open to [exploitation via malicious BMP files][2]. + + +Technically these exploits are not limited to Photoshop, but affect any Adobe product using the plug-ins. Secunia reports that that the BMP exploit has been tested in the wild, but the PNG remains thus far only theoretical. + +Still, since Adobe has not released any patches yet, Secunia recommends that users not open untrusted .bmp or .png files. + + +[1]: http://secunia.com/advisories/25044/ "PNG File Handling Buffer Overflow" +[2]: http://secunia.com/advisories/25023/ "Adobe Photoshop Bitmap File Handling Buffer Overflow Vulnerability " \ No newline at end of file -- cgit v1.2.3-70-g09d2