Newsletter:

Skip Navigation LinksHome > News > Security > First flaws surface in new Photoshop

Site Map |

First flaws surface in new Photoshop

By Shaun Nichols
1 May 2007 10:44AM
Tags: first | flaws | surface | photoshop

Pair of vulnerabilities found in image-handling components.

Adobe Photoshop users are being warned to remain vigilant after a pair of vulnerabilities were reported in recent days.

The vulnerabilities affect the way that Photoshop processes certain types of images, and each can be exploited when a user opens a specially-crafted .png, .bmp, .dib or .rle bitmap image files. Both vulnerabilities affect Photoshop CS2 and CS3. The .png vulnerability also affects Photoshop Elements 5.x.

When exploited, both vulnerabilities could allow an attacker to remotely execute code on a user's system. No active attacks targeting the vulnerabilities have been reported. Discovery of both vulnerabilities is credited to a security reearcher by the name of "Marsu" on the milw0rm.com vulnerability disclosure site.

Security company Secunia rated both of the vulnerabilities as "highly critical", the company's second-highest alert level. Secunia advises users not to open untrusted .png, .bmp, .dib and .rle files.

A spokesperson said that the company is currently investigating the reports and declined any further comment.

Copyright © 2008 vnunet.com

   


Ads by Google


Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 


 
Tripwire - Click here to win an iTouch



Tags

adobe apple apps bold critical first fixes flaws google iphone microsoft mobile mozilla photoshop quicktime security software sun surface systems


Product Reviews

AdventNet ManageEngine
Star Rating
The AdventNet Manage-Engine Password Manager Pro provides a complete system for password management in one...
Cyber-Ark Software Enterprise Password Vault
Star Rating
The Cyber-Ark Enterprise Password Vault, or EPV, is a high-end password management powerhouse.
Hitachi ID Systems ID-Archive
Star Rating
The Hitachi ID-Archive sets its focus on password randomisation.
Lieberman Software Enterprise Random PM
Star Rating
The Lieberman Software Enterprise Random Pass­word Manager is a full-on password manager and randomiser for...
Proginet Corporation SecurForce
Star Rating
Proginet SecurForce is a little bit of a horse of a different color for this month's Group Test.
Unified Communications Podcast Centre

TopTopics
(4991) -  broadband
(4886) -  telstra
(4851) -  nbn
(4338) -  internet
(4005) -  iinet
(3978) -  copyright
(3978) -  afact
(3676) -  servers
(3676) -  mipi
(2856) -  internode
(2530) -  network
(2210) -  microsoft
(1578) -  data
(1522) -  software
(1382) -  centre