iTWire - 'Highly critical' flaw found in Photoshop

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

'Highly critical' flaw found in Photoshop

'Highly critical' flaw found in Photoshop

E-mail

by Stephen Withers
Friday, 27 April 2007
Secunia has publicised a "highly critical" security flaw in Photoshop CS2 and CS3. Other versions and even other programs may also be affected. Featured Whitepaper 5 Best Practices for Smartphone Support Attributed to 'Marsu,' the problem is that malformed bitmap files (including .BMP, .DIB and .RLE) can trigger a stack-based buffer overflow. A maliciously-crafted file can take advantage of this vulnerability to execute arbitrary code. Marsu has posted a sample exploit that runs Windows' calculator program when the specially-crafted image file is opened in Photoshop. Given that there's a common codebase for the Mac and Windows versions of Photoshop, it is likely that the flaw could be exploited on both platforms. It is also possible that Photoshop's routines for handling other types of files have similar flaws. Now-patched flaws in both Windows and Apple's QuickTime allowed exploits to be hidden in JPEG, GIF and bitmap files, among others. Furthermore, other Adobe applications may use the same routines as Photoshop. Until Adobe issues a patch, the recommendation is that users avoid opening bitmap files of uncertain parentage in Photoshop.{moscomment} Tags See All Tags Macintosh Malware Security Software Stephen Withers Windows Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Heathrow Airport Terminal 5 Live with Progress Software

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking