Adobe Camera Raw Plug-in TIFF Image Processing Multiple Vulnerabilities

Last Update Date: 14 Dec 2012 11:03 Release Date: 14 Dec 2012 4790 Views

RISK: High Risk

High Risk

TYPE: Clients - Graphics & Design

TYPE: Graphics & Design

Multiple vulnerabilities have been identified in Adobe Camera Raw Plug-in, which can be exploited by malicious people to compromise a user's system.

  1. An error in the "Camera Raw.8bi" plug-in when processing a LZW compressed TIFF image can be exploited to cause a heap-based buffer underflow via a specially crafted LZW code within an image row strip.
  2. An integer overflow error in the "Camera Raw.8bi" plug-in when allocating memory during TIFF image processing can be exploited to cause a heap-based buffer overflow via specially crafted image dimensions.

Impact

  • Remote Code Execution

System / Technologies affected

  • Photoshop Camera Raw version 7.2 and earlier versions for Windows and Macintosh

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update the plug-in to version 7.3 via the application's update mechanism.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple QuickTime Multiple Vulnerabilities

13 Dec 2012 4806 Views

Next

VMware View Connection/Security Server Directory Traversal Vulnerability

17 Dec 2012 4729 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY