Lucene search
K

Adobe Photoshop 12.1 - .tiff Parsing Use-After-Free

🗓️ 20 Mar 2012 00:00:00Reported by Francis ProvencherType 
exploitpack
 exploitpack
👁 36 Views

Adobe Photoshop 12.1 - .tiff Parsing Use-After-Free vulnerability on Window

Code
#####################################################################################

Application:   Adobe Photoshop 12.1 Tiff Parsing Use-After-Free

Platforms:   Windows

{PRL}:   2012-07

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch


#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC


#####################################################################################

===============
1) Introduction
===============

 

Adobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated.

Adobe's 2003 "Creative Suite" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS.

Thus, Adobe Photoshop CS5 is the 12th major release of Adobe Photoshop. The CS rebranding also resulted

in Adobe offering numerous software packages containing multiple Adobe programs for a reduced price.

Adobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, with the

Extended having extra 3D image creation, motion graphics editing, and advanced image analysis features.[6]

Adobe Photoshop Extended is included in all of Adobe's Creative Suite offerings except Design Standard,

which includes the Adobe Photoshop edition. Alongside Photoshop and Photoshop Extended, Adobe also

publishes Photoshop Elements and Photoshop Lightroom, collectively called "The Adobe Photoshop Family".

In 2008, Adobe released Adobe Photoshop Express, a free web-based image editing tool to edit photos directly

on blogs and social networking sites; in 2011 a version was released for the Android operating system and the

iOS operating system.[7][8] Adobe only supports Windows and Macintosh versions of Photoshop, but using Wine,

Photoshop CS5 can run well on Linux

 

(http://en.wikipedia.org/wiki/Adobe_Photoshop)

#####################################################################################

============================
2) Report Timeline
============================

2011-09-20  Vulnerability reported to Adobe
2012-03-20  Publication of this advisory (180 days after reporting to the vendor)


#####################################################################################

============================
3) Technical details
============================

 

The vulnerability is caused due to an error when processing Tiff file format image, which can be exploited to cause

a use-after-free by e.g. tricking a user into opening a specially crafted file.

 


#####################################################################################

===========
4) POC
===========

http://www.protekresearchlab.com/exploits/PRL-2012-07.tif
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/18633.tif

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation