Update Protection against Adobe Multiple Products BMP Image Header Handling Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-105 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29838 | |
| Industry Reference(s): | CVE-2008-1765 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Adobe Systems Adobe Photoshop CS 3 Adobe Systems Adobe Photoshop Album Starter 3.2 Adobe Systems After Effects CS3 | ||
| Vulnerability Description A buffer overflow vulnerability was reported in the way multiple Adobe products handles BMP files. BMP is an image file format used to store bitmap digital images. A remote attacker could exploit this issue via a malformed BMP file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. |
||
|
Vulnerability Details The vulnerability is due to boundary errors when a BMP file Image Header is processed by any of the affected Adobe products. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted BMP file. Successful exploitation of this issue may allow the attacker to execute arbitrary code on the affected system. |
Protection Overview
By enabling this protection, IPS-1 will detect and block malformed BMP files.
In order for the protection to be activated, update your product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.