Update Protection against Adobe Photoshop CS4 ABR File Processing Buffer Overflow Vulnerability (APSB10-13)
| Check Point Reference: | CPAI-2010-213 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Adobe Security Bulletin APSB10-13 | |
| Industry Reference(s): | CVE-2010-1296 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Adobe Photoshop CS4 version 11.0.1 and earlier for Windows and Macintosh | ||
| Vulnerability Description A buffer overflow vulnerability has been reported in Adobe Photoshop CS4. Adobe Photoshop CS4 is a graphics editing program that features a 3D engine. By persuading a user to open a specially crafted ABR image file, an attacker may be able to execute arbitrary code on an affected system. |
||
|
Update/Patch Available Update to Photoshop CS4 11.0.2: Adobe Security Bulletin APSB10-13 |
|
|
Vulnerability Details The vulnerability is due to an error in Adobe Photoshop CS4 that fails to properly handle malformed ABR files. By convincing a user to open a malicious ABR file, a remote attacker could exploit this vulnerability. Successful exploitation may allow execution of arbitrary code on a vulnerable system. |
Protection Overview
This protection detects and blocks the transferring of malformed ABR files over HTTP.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection taband select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.