Adobe Photoshop CC & Bridge CC IFF file parsing memory corruption

2016.02.09
Risk: Medium
Local: Yes
Remote: No
CWE: N/A


CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#####################################################################################

Application: Adobe Photoshop CC & Bridge CC IFF file parsing memory corruption
Platforms: Windows
Versions: Bridge CC 6.1.1 and earlier versions
Version: Photoshop CC 16.1.1 (2015.1.1) and earlier versions
CVE: 2016-0953
Author: Francis Provencher of COSIG
Twitter: @COSIG_

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

Adobe Photoshop is a raster graphics editor developed and published by Adobe Systems for Windows and OS X.

(https://en.wikipedia.org/wiki/Adobe_Photoshop)

#####################################################################################

============================
2) Report Timeline
============================

2015-11-11: Francis Provencher from COSIG reported the issue to PSIRT (ADOBE);
2016-02-09: Adobe released a patch (APSB16-03);
2016-02-09: COSIG released this advisory;

#####################################################################################

============================
3) Technical details
============================

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Photoshop CC & Bridge CC. User interaction is required to exploit this vulnerability in that the target must open a malicious file.

By providing a malformed IFF file, an attacker can cause heap memory corruption. An attacker could leverage this to execute arbitrary code under the context of the application.

#####################################################################################

===========
4) POC
===========

http://protekresearchlab.com/exploits/COSIG-2016-10.iff

#####################################################################################

References:

http://protekresearchlab.com/exploits/COSIG-2016-10.iff
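
The advisory does not say which IFF field is malformed. As an added example (not code from the advisory, COSIG or Adobe), this C routine shows a structural check a defender can run on untrusted IFF files before handing them to a parser: every declared chunk length must stay inside its container. It assumes the EA IFF 85 layout (FORM container, big-endian 32-bit sizes, even-byte padding); the function name, result codes and sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result codes for iff_check() (hypothetical names, for this example only). */
enum { IFF_OK = 0, IFF_TRUNCATED, IFF_NOT_FORM, IFF_FORM_SIZE, IFF_CHUNK_SIZE };

/* Read a big-endian 32-bit length as used by EA IFF 85 (assumed layout). */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk every chunk header and confirm each declared length stays inside
 * the FORM body, which must itself stay inside the buffer. */
int iff_check(const uint8_t *buf, size_t len) {
    if (len < 12) return IFF_TRUNCATED;            /* "FORM" + size + type */
    if (memcmp(buf, "FORM", 4) != 0) return IFF_NOT_FORM;
    uint32_t form_size = be32(buf + 4);
    if (form_size < 4 || form_size > len - 8) return IFF_FORM_SIZE;
    size_t end = 8 + (size_t)form_size;            /* one past the FORM body */
    size_t pos = 12;                               /* first chunk header */
    while (pos < end) {
        if (end - pos < 8) return IFF_TRUNCATED;   /* partial chunk header */
        uint32_t csize = be32(buf + pos + 4);
        pos += 8;
        /* Compare against the remaining space; never add first, so a
         * length such as 0xFFFFFFF0 cannot wrap the offset. */
        if (csize > end - pos) return IFF_CHUNK_SIZE;
        pos += csize;
        if ((csize & 1) && pos < end) pos++;       /* even-byte padding */
    }
    return IFF_OK;
}

/* Constructed samples: a well-formed FORM and one whose chunk length lies. */
static const uint8_t sample_ok[] = {
    'F','O','R','M', 0,0,0,14, 'I','L','B','M',
    'B','O','D','Y', 0,0,0,2, 0xAA,0xBB };
static const uint8_t sample_bad[] = {
    'F','O','R','M', 0,0,0,14, 'I','L','B','M',
    'B','O','D','Y', 0xFF,0xFF,0xFF,0xF0, 0xAA,0xBB };

/* Exit status 0 when both constructed samples are classified as expected. */
int main(void) {
    return (iff_check(sample_ok, sizeof sample_ok) == IFF_OK &&
            iff_check(sample_bad, sizeof sample_bad) == IFF_CHUNK_SIZE) ? 0 : 1;
}
```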

