The Channel logo


By | John Leyden 1st May 2007 11:02

Bug brace menaces Adobe Photoshop

Unpatched graphics flaws menace mankind

Security researchers are warning of a brace of unpatched flaws in Adobe Photoshop that allow hackers to gain control of vulnerable PCs.

The first vulnerability – which affects Adobe Photoshop CS2, Adobe Photoshop CS3, and Adobe Photoshop Elements 5.x – leaves users open to attack if they open malformed PNG graphics files.

Discovered by white hat hacker Marsu, the flaw stems from a stack-based buffer overflow bug in a Photoshop Format Plugin involved in handling PNG files.

Marsu has also discovered a similar buffer overflow vulnerability in Adobe Photoshop CS2 and Adobe Photoshop CS3 involved in the handling of Bitmap files.

Successful exploitation of either security bug allows the execution of arbitrary code. Users are advised not to open untrusted PNG or Bitmap files pending the release of a security update from Adobe. ®

comment icon Read 10 comments on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe