In association with heise online

26 April 2007, 11:22

Malware infestation through bmp files in Photoshop

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A bug has been detected in the Creative Suite 2 and Creative Suite 3 versions of the Adobe Photoshop image editing software, encountered when malformed bitmap files are processed. These files with bmp, dib or rle extensions may trigger a buffer overflow that could be exploited by hackers for arbitrary code execution.

Marsu, who has detected this hole, has provided a sample exploit, which can be used to create manipulated bitmap files to exploit the problem, but does not provide more detailed information on this flaw. So far, Adobe has not published an update to fix this vulnerability. Until a patch is available, users of the affected Photoshop versions are advised only to open bitmap files from trusted sources.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit