Security Bytes

May 1 2007   8:55AM GMT

‘Highly critical’ flaw affects Adobe Photoshop, Winamp

Leigha Leigha Cardwell Profile: Leigha

Danish security clearinghouse Secunia says the researcher Marsu has discovered a vulnerability in Adobe Photoshop attackers could exploit to cause a stack-based buffer overflow and run malicious code.

The problem is an error in the BMP.8BI Photoshop format plug-in that surfaces when Bitmap files are handled. This can be exploited to cause a stack-based buffer overflow via a specially crafted Bitmap file, and successful exploitation can lead to the execution of malicious code, the firm said.

Secunia confirmed the flaw in Adobe Photoshop CS2 and CS3. It warned users not to open untrusted Bitmap files.

A variation of the flaw appears to affect Winamp. In this case, the problem is an error in how MP4 files are handled and can be exploited to cause memory corruption via a specially crafted MP4 file, Secunia said.

The vulnerability is reported in version 5.34 and Secunia recommends users steer clear of untrusted MP4 files.

Technorati Tags: , ,

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: