Critical flaw found in Photoshop plug-in

Vulnerability in graphics-file format plug-in discovered in Adobe Systems' Photoshop Creative Suite.

Security researchers have found a "highly critical" flaw in the portable-network graphics plug-in for the latest version of Adobe Systems' Photoshop Creative Suite, as well as for other versions of the software that run on Windows.

The portable-network graphics, or PNG, plug-in vulnerabilities were discovered in Adobe Photoshop Creative Suite 3 (CS3), Photoshop CS2, and Adobe Photoshop Elements (Editor) version 5.0 for Windows, according to a report released Monday by Secunia, which cited a researcher named "Marsu" with the discovery. Marsu tested a public exploit against versions of the software running Windows XP SP2.

These security flaws follow a report last week by Marsu that identified another set of critical vulnerabilities in Adobe Photoshop CS3 and CS2 for Windows.

The vulnerabilities reported on Monday can be exploited via a boundry error in the PNG.8BI Photoshop format plug-in when processing PNG files. Using a malicious PNG file, attackers can exploit the flaws to launch a buffer overflow attack to compromise the user's system.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Jaguar F-type S Coupe is beautiful and impractical

With stunning lines and sharp handling, the F-type S Coupe is an excellent sports car, and as impractical as a true sports car should be.

by Wayne Cunningham