Search...

Adobe Photoshop CS6 Multiple Buffer Overflow Vulnerabilities (APSB12-20)

2012-09-04T00:00:00

ID ADOBE_PHOTOSHOP_APSB12-20.NASL
Type nessus
Reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-02T00:00:00

Description

The version of Adobe Photoshop installed on the remote host is less than CS6 13.0.1. Such versions are affected by multiple buffer overflow vulnerabilities that could lead to code execution.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if (description)
{
  script_id(61775);
  script_version("1.10");
  script_cvs_date("Date: 2019/12/04");

  script_cve_id("CVE-2012-0275", "CVE-2012-4170");
  script_bugtraq_id(55333, 55372);

  script_name(english:"Adobe Photoshop CS6 Multiple Buffer Overflow Vulnerabilities (APSB12-20)");
  script_summary(english:"Checks Photoshop version");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an application that is affected by multiple buffer
overflow vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Adobe Photoshop installed on the remote host is less
than CS6 13.0.1.  Such versions are affected by multiple buffer 
overflow vulnerabilities that could lead to code execution.");
  script_set_attribute(attribute:"see_also", value:"http://secunia.com/secunia_research/2012-29/");
  script_set_attribute(attribute:"see_also", value:"http://www.adobe.com/support/security/bulletins/apsb12-20.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Photoshop CS6 13.0.1 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-0275");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/04");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:photoshop");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("adobe_photoshop_installed.nasl");
  script_require_keys("SMB/Adobe_Photoshop/Installed");

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/Adobe_Photoshop/Installed");

vers = get_kb_list('SMB/Adobe_Photoshop/Version');
if (isnull(vers)) exit(1, 'The "SMB/Adobe_Photoshop/Version" KB list is missing.');

info =  '';
info2 = '';
vuln = 0;
foreach version (vers)
{
  ver = split(version, sep:'.', keep:FALSE);
  for (i=0; i&lt;max_index(ver); i++)
    ver[i] = int(ver[i]);

  path = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Path');
  if (isnull(path)) path = 'n/a';

  product_name = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Product');
  if(isnull(product_name)) product_name = "Adobe Photoshop";

  verui = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Version_UI');
  if (isnull(verui)) verui = version;
 
  # version 13.x &lt; 13.0.1 Vuln 
  if (ver[0] == 13 && ver[1] == 0 && ver[2] &lt; 1)
  {
    vuln++;
    info += '\n  Product           : '+ product_name+
            '\n  Path              : '+path+
            '\n  Installed version : '+verui+
            '\n  Fixed version     : 13.0.1 \n';
  }
  else info2 += ' and ' + verui;
}

if (info)
{
  if (report_verbosity &gt; 0)
  {
    if (vuln &gt; 1) s = "s of Adobe Photoshop are";
    else s = " of Adobe Photoshop is";

    report =
      '\nThe following vulnerable instance'+s+' installed on the'+
      '\nremote host :\n'+
      info;
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));

  exit(0);
}

if (info2)
{
  info2 -= " and ";
  if (" and " &gt;&lt; info2) be = "are";
  else be = "is";

  exit(0, "The host is not affected since Adobe Photoshop "+info2+" "+be+" installed.");
}
else exit(1, "Unexpected error - 'info2' is empty.");

JSON Vulners Source

Initial Source

{"id": "ADOBE_PHOTOSHOP_APSB12-20.NASL", "bulletinFamily": "scanner", "title": "Adobe Photoshop CS6 Multiple Buffer Overflow Vulnerabilities (APSB12-20)", "description": "The version of Adobe Photoshop installed on the remote host is less\nthan CS6 13.0.1. Such versions are affected by multiple buffer \noverflow vulnerabilities that could lead to code execution.", "published": "2012-09-04T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/61775", "reporter": "This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.adobe.com/support/security/bulletins/apsb12-20.html", "http://secunia.com/secunia_research/2012-29/"], "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "type": "nessus", "lastseen": "2021-01-01T01:14:22", "edition": 23, "viewCount": 30, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4170", "CVE-2012-0275"]}, {"type": "openvas", "idList": ["OPENVAS:802782", "OPENVAS:1361412562310802786", "OPENVAS:803026", "OPENVAS:1361412562310803025", "OPENVAS:803025", "OPENVAS:802786", "OPENVAS:1361412562310803026", "OPENVAS:1361412562310802782"]}, {"type": "kaspersky", "idList": ["KLA10030", "KLA10029"]}, {"type": "nessus", "idList": ["ADOBE_PHOTOSHOP_APSB12-11.NASL", "MACOSX_ADOBE_PHOTOSHOP_APSB12-20.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:20971"]}, {"type": "seebug", "idList": ["SSV:60355"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12575", "SECURITYVULNS:DOC:28533"]}], "modified": "2021-01-01T01:14:22", "rev": 2}, "score": {"value": 9.0, "vector": "NONE", "modified": "2021-01-01T01:14:22", "rev": 2}, "vulnersScore": 9.0}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(61775);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-0275\", \"CVE-2012-4170\");\n script_bugtraq_id(55333, 55372);\n\n script_name(english:\"Adobe Photoshop CS6 Multiple Buffer Overflow Vulnerabilities (APSB12-20)\");\n script_summary(english:\"Checks Photoshop version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application that is affected by multiple buffer\noverflow vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Photoshop installed on the remote host is less\nthan CS6 13.0.1. Such versions are affected by multiple buffer \noverflow vulnerabilities that could lead to code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://secunia.com/secunia_research/2012-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Photoshop CS6 13.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0275\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_photoshop_installed.nasl\");\n script_require_keys(\"SMB/Adobe_Photoshop/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Adobe_Photoshop/Installed\");\n\nvers = get_kb_list('SMB/Adobe_Photoshop/Version');\nif (isnull(vers)) exit(1, 'The \"SMB/Adobe_Photoshop/Version\" KB list is missing.');\n\ninfo = '';\ninfo2 = '';\nvuln = 0;\nforeach version (vers)\n{\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n path = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Path');\n if (isnull(path)) path = 'n/a';\n\n product_name = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Product');\n if(isnull(product_name)) product_name = \"Adobe Photoshop\";\n\n verui = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Version_UI');\n if (isnull(verui)) verui = version;\n \n # version 13.x < 13.0.1 Vuln \n if (ver[0] == 13 && ver[1] == 0 && ver[2] < 1)\n {\n vuln++;\n info += '\\n Product : '+ product_name+\n '\\n Path : '+path+\n '\\n Installed version : '+verui+\n '\\n Fixed version : 13.0.1 \\n';\n }\n else info2 += ' and ' + verui;\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Adobe Photoshop are\";\n else s = \" of Adobe Photoshop is\";\n\n report =\n '\\nThe following vulnerable instance'+s+' installed on the'+\n '\\nremote host :\\n'+\n info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n\n exit(0);\n}\n\nif (info2)\n{\n info2 -= \" and \";\n if (\" and \" >< info2) be = \"are\";\n else be = \"is\";\n\n exit(0, \"The host is not affected since Adobe Photoshop \"+info2+\" \"+be+\" installed.\");\n}\nelse exit(1, \"Unexpected error - 'info2' is empty.\");\n", "naslFamily": "Windows", "pluginID": "61775", "cpe": ["cpe:/a:adobe:photoshop"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:06:09", "description": "Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file.", "edition": 3, "cvss3": {}, "published": "2012-08-31T14:55:00", "title": "CVE-2012-4170", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4170"], "modified": "2013-04-19T03:24:00", "cpe": ["cpe:/a:adobe:photoshop_cs6:13.0"], "id": "CVE-2012-4170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4170", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:photoshop_cs6:13.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:05:59", "description": "Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression.", "edition": 3, "cvss3": {}, "published": "2012-09-04T11:04:00", "title": "CVE-2012-0275", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0275"], "modified": "2017-08-29T01:30:00", "cpe": ["cpe:/a:adobe:photoshop_cs5.5:12.1", "cpe:/a:adobe:photoshop_cs5.5:12.0.4", "cpe:/a:adobe:photoshop_cs6:13.0", "cpe:/a:adobe:photoshop_cs5.5:12.0.3", "cpe:/a:adobe:photoshop_cs5.5:12.0.1", "cpe:/a:adobe:photoshop_cs5.5:12.0.2"], "id": "CVE-2012-0275", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0275", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:photoshop_cs5.5:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:photoshop_cs6:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:photoshop_cs5.5:12.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:photoshop_cs5.5:12.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:photoshop_cs5.5:12.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:photoshop_cs5.5:12.0.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-02T21:10:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.", "modified": "2017-04-11T00:00:00", "published": "2012-09-03T00:00:00", "id": "OPENVAS:803026", "href": "http://plugins.openvas.org/nasl.php?oid=803026", "type": "openvas", "title": "Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_png_image_file_bof_vuln_macosx.nasl 5931 2017-04-11 09:02:04Z teissa $\n#\n# Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code.\n Impact Level: System/Application\";\ntag_affected = \"Adobe Photoshop version prior to CS6 (13.0) on Mac OS X\";\ntag_insight = \"- A boundary error in the 'Standard MultiPlugin.8BF' module fails to\n process a Portable Network Graphics (PNG) image, which allows attacker to\n cause a buffer overflow via a specially crafted 'tRNS' chunk size.\n - Improper validation in Photoshop.exe when decompressing\n SGI24LogLum-compressed TIFF images.\";\ntag_solution = \"Upgrade to Adobe Photoshop version CS6 (13.0.1) or later,\n For updates refer to http://www.adobe.com/downloads/\";\ntag_summary = \"This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.\";\n\nif(description)\n{\n script_id(803026);\n script_version(\"$Revision: 5931 $\");\n script_cve_id(\"CVE-2012-4170\", \"CVE-2012-0275\");\n script_bugtraq_id(55333, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-11 11:02:04 +0200 (Tue, 11 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-03 18:23:45 +0530 (Mon, 03 Sep 2012)\");\n script_name(\"Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/49141\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_adobe_photoshop_detect_macosx.nasl\");\n script_require_keys(\"Adobe/Photoshop/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nphotoVer = \"\";\n\nphotoVer = get_kb_item(\"Adobe/Photoshop/MacOSX/Version\");\nif(!photoVer){\n exit(0);\n}\n\nphotoVer = eregmatch(pattern:\"([0-9.]+)\", string:photoVer);\nif(photoVer[0])\n{\n ## Check for Adobe Photoshop versions with patch\n ## Adobe Photoshop CS6(13.0)\n if(version_is_equal(version:photoVer[0], test_version:\"13.0\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2012-09-03T00:00:00", "id": "OPENVAS:1361412562310803026", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803026", "type": "openvas", "title": "Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_png_image_file_bof_vuln_macosx.nasl 11857 2018-10-12 08:25:16Z cfischer $\n#\n# Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:photoshop_cs6\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803026\");\n script_version(\"$Revision: 11857 $\");\n script_cve_id(\"CVE-2012-4170\", \"CVE-2012-0275\");\n script_bugtraq_id(55333, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:25:16 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-03 18:23:45 +0530 (Mon, 03 Sep 2012)\");\n script_name(\"Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/49141\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_adobe_photoshop_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Photoshop/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"Adobe Photoshop version prior to CS6 (13.0) on Mac OS X\");\n script_tag(name:\"insight\", value:\"- A boundary error in the 'Standard MultiPlugin.8BF' module fails to\n process a Portable Network Graphics (PNG) image, which allows attacker to\n cause a buffer overflow via a specially crafted 'tRNS' chunk size.\n\n - Improper validation in Photoshop.exe when decompressing\n SGI24LogLum-compressed TIFF images.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Photoshop version CS6 (13.0.1) or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.adobe.com/downloads/\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_equal( version:vers, test_version:\"13.0\" ) ) {\n report = report_fixed_ver( installed_version:\"CS6 \" + vers, fixed_version:\"13.0.1\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2012-09-03T00:00:00", "id": "OPENVAS:1361412562310803025", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803025", "type": "openvas", "title": "Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_png_image_file_bof_vuln_win.nasl 11857 2018-10-12 08:25:16Z cfischer $\n#\n# Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:photoshop_cs6\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803025\");\n script_version(\"$Revision: 11857 $\");\n script_cve_id(\"CVE-2012-4170\", \"CVE-2012-0275\");\n script_bugtraq_id(55333, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:25:16 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-03 16:36:21 +0530 (Mon, 03 Sep 2012)\");\n script_name(\"Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/49141\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_photoshop_detect.nasl\");\n script_mandatory_keys(\"Adobe/Photoshop/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"Adobe Photoshop version CS6 (13.0) on Windows\");\n script_tag(name:\"insight\", value:\"- A boundary error in the 'Standard MultiPlugin.8BF' module fails to\n process a Portable Network Graphics (PNG) image, which allows attacker to\n cause a buffer overflow via a specially crafted 'tRNS' chunk size.\n\n - Improper validation in Photoshop.exe when decompressing\n SGI24LogLum-compressed TIFF images.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Photoshop version CS6 (13.0.1) or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.adobe.com/downloads/\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_equal( version:vers, test_version:\"13.0\" ) ) {\n report = report_fixed_ver( installed_version:\"CS6 \" + vers, fixed_version:\"13.0.1\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.", "modified": "2017-04-18T00:00:00", "published": "2012-09-03T00:00:00", "id": "OPENVAS:803025", "href": "http://plugins.openvas.org/nasl.php?oid=803025", "type": "openvas", "title": "Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_png_image_file_bof_vuln_win.nasl 5963 2017-04-18 09:02:14Z teissa $\n#\n# Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code.\n Impact Level: System/Application\";\ntag_affected = \"Adobe Photoshop version CS6 (13.0) on Windows\";\ntag_insight = \"- A boundary error in the 'Standard MultiPlugin.8BF' module fails to\n process a Portable Network Graphics (PNG) image, which allows attacker to\n cause a buffer overflow via a specially crafted 'tRNS' chunk size.\n - Improper validation in Photoshop.exe when decompressing\n SGI24LogLum-compressed TIFF images.\";\ntag_solution = \"Upgrade to Adobe Photoshop version CS6 (13.0.1) or later,\n For updates refer to http://www.adobe.com/downloads/\";\ntag_summary = \"This host is installed with Adobe Photoshop and is prone to buffer\n overflow vulnerabilities.\";\n\nif(description)\n{\n script_id(803025);\n script_version(\"$Revision: 5963 $\");\n script_cve_id(\"CVE-2012-4170\", \"CVE-2012-0275\");\n script_bugtraq_id(55333, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-18 11:02:14 +0200 (Tue, 18 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-03 16:36:21 +0530 (Mon, 03 Sep 2012)\");\n script_name(\"Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/49141\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_reg_enum.nasl\", \"gb_adobe_photoshop_detect.nasl\");\n script_require_keys(\"Adobe/Photoshop/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variable Initiliazation\nphotoVer = \"\";\nadobeVer = \"\";\nappkey = \"\";\nappPath = \"\";\n\n## Check for adobe versions CS6\nadobeVer = get_kb_item(\"Adobe/Photoshop/Ver\");\nif(!adobeVer || \"CS6\" >!< adobeVer){\n exit(0);\n}\n\nadobeVer = eregmatch(pattern:\"CS([0-9.]+) ?([0-9.]+)\", string: adobeVer);\n\n## Check for Adobe Photoshop versions without patch\n## Adobe Photoshop CS6 (13.0)\nif(adobeVer[2] && version_is_equal(version:adobeVer[2] , test_version:\"13.0\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.", "modified": "2017-04-18T00:00:00", "published": "2012-05-16T00:00:00", "id": "OPENVAS:802786", "href": "http://plugins.openvas.org/nasl.php?oid=802786", "type": "openvas", "title": "Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_bof_n_use_after_free_vuln_macosx.nasl 5963 2017-04-18 09:02:14Z teissa $\n#\n# Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply patch for Adobe Photoshop CS5 and CS5.1,\n For updates refer to http://helpx.adobe.com/photoshop/kb/security-update-photoshop.html\n\n Or upgrade to Adobe Photoshop version CS6 or later,\n For updates refer to http://www.adobe.com/downloads/\";\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code.\n Impact Level: Application/System\";\ntag_affected = \"Adobe Photoshop version prior to CS6 on Mac OS X\";\ntag_insight = \"The flaws are due to\n - An insufficient input validation while decompressing TIFF images.\n - An input sanitisation error when parsing TIFF images can be exploited\n to cause a heap based buffer overflow via a specially crafted file.\";\ntag_summary = \"This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.\";\n\nif(description)\n{\n script_id(802786);\n script_version(\"$Revision: 5963 $\");\n script_cve_id(\"CVE-2012-2027\", \"CVE-2012-2028\", \"CVE-2012-2052\", \"CVE-2012-0275\");\n script_bugtraq_id(53421, 52634, 53464, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-18 11:02:14 +0200 (Tue, 18 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-16 12:11:54 +0530 (Wed, 16 May 2012)\");\n script_name(\"Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48457/\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027046\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-11.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_photoshop_detect_macosx.nasl\");\n script_require_keys(\"Adobe/Photoshop/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nphotoVer = \"\";\n\nphotoVer = get_kb_item(\"Adobe/Photoshop/MacOSX/Version\");\nif(!photoVer){\n exit(0);\n}\n\nphotoVer = eregmatch(pattern:\"([0-9.]+)\", string:photoVer);\nif(photoVer[0])\n{\n ## Check for Adobe Photoshop versions with patch\n ## Adobe Photoshop CS5 (12.0.5) and CS5.1 (12.1.1)\n if(version_is_less(version:photoVer[0], test_version:\"12.0.5\"))\n {\n security_message(0);\n exit(0);\n }\n\n if(\"12.1\" >< photoVer)\n {\n if(version_is_less(version:photoVer[0], test_version:\"12.1.1\")){\n security_message(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.", "modified": "2017-04-13T00:00:00", "published": "2012-05-15T00:00:00", "id": "OPENVAS:802782", "href": "http://plugins.openvas.org/nasl.php?oid=802782", "type": "openvas", "title": "Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_adobe_photoshop_bof_n_use_after_free_vuln_win.nasl 5950 2017-04-13 09:02:06Z teissa $\n#\n# Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply patch for Adobe Photoshop CS5 and CS5.1,\n For updates refer to http://helpx.adobe.com/photoshop/kb/security-update-photoshop.html\n\n Or upgrade to Adobe Photoshop version CS6 or later,\n For updates refer to http://www.adobe.com/downloads/\";\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code.\n Impact Level: Application/System\";\ntag_affected = \"Adobe Photoshop version prior to CS6 on Windows\";\ntag_insight = \"The flaws are caused by\n - An insufficient input validation while decompressing TIFF images.\n - An input sanitisation error when parsing TIFF images can be exploited\n to cause a heap-based buffer overflow via a specially crafted file.\";\ntag_summary = \"This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.\";\n\nif(description)\n{\n script_id(802782);\n script_version(\"$Revision: 5950 $\");\n script_cve_id(\"CVE-2012-2027\", \"CVE-2012-2028\", \"CVE-2012-2052\", \"CVE-2012-0275\");\n script_bugtraq_id(53421, 52634, 53464, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-13 11:02:06 +0200 (Thu, 13 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-15 15:41:49 +0530 (Tue, 15 May 2012)\");\n script_name(\"Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48457/\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027046\");\n script_xref(name : \"URL\" , value : \"http://www.adobe.com/support/security/bulletins/apsb12-11.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_reg_enum.nasl\", \"gb_adobe_photoshop_detect.nasl\");\n script_require_keys(\"Adobe/Photoshop/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variable Initiliazation\nphotoVer = \"\";\nversion = \"\";\nappkey = \"\";\nappPath = \"\";\n\n## Check application is installed\nphotoVer = get_kb_item(\"Adobe/Photoshop/Ver\");\nif(!photoVer){\n exit(0);\n}\n\nif(\"CS\" >< photoVer)\n{\n version = eregmatch(pattern:\"CS([0-9.]+) ([0-9.]+)\", string:photoVer);\n if(version[2]){\n photoVer = version[2];\n }\n}\n\n## Check for Adobe Photoshop versions with patch\n## Adobe Photoshop CS5 (12.0.5) and CS5.1 (12.1.1)\nif(version_is_less(version:photoVer, test_version:\"12.0.5\"))\n{\n security_message(0);\n exit(0);\n}\n\nif(\"12.1\" >< photoVer)\n{\n if(version_is_less(version:photoVer, test_version:\"12.1.1\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-05-15T17:30:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.", "modified": "2020-05-13T00:00:00", "published": "2012-05-16T00:00:00", "id": "OPENVAS:1361412562310802786", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802786", "type": "openvas", "title": "Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802786\");\n script_version(\"2020-05-13T14:08:32+0000\");\n script_cve_id(\"CVE-2012-2027\", \"CVE-2012-2028\", \"CVE-2012-2052\", \"CVE-2012-0275\");\n script_bugtraq_id(53421, 52634, 53464, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-13 14:08:32 +0000 (Wed, 13 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-05-16 12:11:54 +0530 (Wed, 16 May 2012)\");\n script_name(\"Adobe Photoshop BOF and Use After Free Vulnerabilities (Mac OS X)\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48457/\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1027046\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-11.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_photoshop_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Photoshop/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Adobe Photoshop version prior to CS6 on Mac OS X.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - An insufficient input validation while decompressing TIFF images.\n\n - An input sanitisation error when parsing TIFF images can be exploited\n to cause a heap based buffer overflow via a specially crafted file.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Apply patch for Adobe Photoshop CS5 and CS5.1, or upgrade to Adobe Photoshop version CS6 or later.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://helpx.adobe.com/photoshop/kb/security-update-photoshop.html\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list( \"cpe:/a:adobe:photoshop_cs5\",\n \"cpe:/a:adobe:photoshop_cs5.1\" );\n\nif( ! infos = get_app_version_and_location_from_list( cpe_list:cpe_list, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\n## Adobe Photoshop CS5 (12.0.5) and CS5.1 (12.1.1)\nif( version_is_less( version:vers, test_version:\"12.0.5\" ) ) {\n installed = \"CS5 \" + vers;\n fixed = \"CS5 12.0.5\";\n}\n\nif( vers =~ \"^12\\.1\" ) {\n if( version_is_less( version:vers, test_version:\"12.1.1\" ) ) {\n installed = \"CS5.1 \" + vers;\n fixed = \"CS5.1 12.1.1\";\n }\n}\n\nif( fixed ) {\n report = report_fixed_ver( installed_version:installed, fixed_version:fixed, install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-15T17:30:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "description": "This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.", "modified": "2020-05-13T00:00:00", "published": "2012-05-15T00:00:00", "id": "OPENVAS:1361412562310802782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802782", "type": "openvas", "title": "Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802782\");\n script_version(\"2020-05-13T14:08:32+0000\");\n script_cve_id(\"CVE-2012-2027\", \"CVE-2012-2028\", \"CVE-2012-2052\", \"CVE-2012-0275\");\n script_bugtraq_id(53421, 52634, 53464, 55372);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-13 14:08:32 +0000 (Wed, 13 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-05-15 15:41:49 +0530 (Tue, 15 May 2012)\");\n script_name(\"Adobe Photoshop BOF and Use After Free Vulnerabilities (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48457/\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1027046\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-11.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_photoshop_detect.nasl\");\n script_mandatory_keys(\"Adobe/Photoshop/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Adobe Photoshop version prior to CS6 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are caused by\n\n - An insufficient input validation while decompressing TIFF images.\n\n - An input sanitisation error when parsing TIFF images can be exploited\n to cause a heap-based buffer overflow via a specially crafted file.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Photoshop and is prone to buffer\n overflow and use after free vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch for Adobe Photoshop CS5 and CS5.1,\n or upgrade to Adobe Photoshop version CS6 or later.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list( \"cpe:/a:adobe:photoshop_cs5\",\n \"cpe:/a:adobe:photoshop_cs5.1\" );\n\nif( ! infos = get_app_version_and_location_from_list( cpe_list:cpe_list, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\n## Adobe Photoshop CS5 (12.0.5) and CS5.1 (12.1.1)\nif( version_is_less( version:vers, test_version:\"12.0.5\" ) ) {\n installed = \"CS5 \" + vers;\n fixed = \"CS5 12.0.5\";\n}\n\nif( vers =~ \"^12\\.1\" ) {\n if( version_is_less( version:vers, test_version:\"12.1.1\" ) ) {\n installed = \"CS5.1 \" + vers;\n fixed = \"CS5.1 12.1.1\";\n }\n}\n\nif( fixed ) {\n report = report_fixed_ver( installed_version:installed, fixed_version:fixed, install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T03:27:02", "description": "The version of Adobe Photoshop installed on the remote Mac OS X host\nis prior to CS6 13.0.1. It is, therefore, affected by remote code\nexecution vulnerabilities due to multiple buffer overflows. A remote\nattacker, using a crafted file, can exploit these to execute arbitrary\ncode.", "edition": 24, "published": "2012-09-21T00:00:00", "title": "Adobe Photoshop CS6 for Mac Multiple RCE Vulnerabilities (APSB12-20) (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:photoshop", "cpe:/a:adobe:photoshop_cs6"], "id": "MACOSX_ADOBE_PHOTOSHOP_APSB12-20.NASL", "href": "https://www.tenable.com/plugins/nessus/62222", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(62222);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2012-0275\", \"CVE-2012-4170\");\n script_bugtraq_id(55333, 55372);\n script_xref(name:\"EDB-ID\", value:\"20971\");\n\n script_name(english:\"Adobe Photoshop CS6 for Mac Multiple RCE Vulnerabilities (APSB12-20) (Mac OS X)\");\n script_summary(english:\"Checks the Photoshop version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application that is affected by multiple remote\ncode execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Photoshop installed on the remote Mac OS X host\nis prior to CS6 13.0.1. It is, therefore, affected by remote code\nexecution vulnerabilities due to multiple buffer overflows. A remote\nattacker, using a crafted file, can exploit these to execute arbitrary\ncode.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://secunia.com/secunia_research/2012-29/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb12-20.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Adobe Photoshop CS6 13.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop_cs6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_adobe_photoshop_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Photoshop\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"install_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item('Host/MacOSX/Version');\nif (!os) audit(AUDIT_OS_NOT, 'Mac OS X');\n\nget_kb_item_or_exit(\"installed_sw/Adobe Photoshop\");\n\napp = 'Adobe Photoshop';\n\ninstall=get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nproduct = install['name'];\nif (\"CS6\" >!< product)\n exit(0, \"Only Adobe Photoshop CS6 is affected.\");\n\npath = install['path'];\nversion = install['version'];\n\nif(\n ver_compare(ver:version, fix:'13.0', strict:FALSE) >= 0 &&\n ver_compare(ver:version, fix:'13.0.1', strict:FALSE) < 0\n )\n{\n if (report_verbosity > 0)\n {\n report = '\\n Product : ' + product +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 13.0.1';\n\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app + \" CS6\", version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:14:22", "description": "The version of Adobe Photoshop installed on the remote Windows host is\nprior to CS5 (12.0.5) or CS5.1 (12.1.1). It is, therefore, multiple\narbitrary code execution vulnerabilities :\n\n - Multiple heap-based buffer overflow conditions exist due\n to a failure to properly sanitize user-supplied input\n when decompressing and handling TIFF image files. An\n unauthenticated, remote attacker can exploit these\n issues, by convincing a user to open a specially crafted\n TIFF image file, to execute arbitrary code.\n (CVE-2012-2027, CVE-2012-2028)\n\n - A buffer overflow condition exists in the U3D.8bi plugin\n due to a failure to properly sanitize user-supplied\n input. An unauthenticated, remote attacker can exploit\n this, by convincing a user to open a file containing a\n specially crafted Collada (.dae) asset element, to\n execute arbitrary code. (CVE-2012-2052)\n\n - A heap-based buffer overflow condition exists in\n photoshop.exe due to a failure to properly sanitize\n user-supplied input when decompressing a SGI24LogLum\n compressed TIFF image. An unauthenticated, remote\n attacker can exploit this, by convincing a user to open\n a specially crafted TIFF image file, to execute\n arbitrary code. (CVE-2012-0275)", "edition": 29, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2012-05-17T00:00:00", "title": "Adobe Photoshop < CS5 / CS5.1 Multiple Arbitrary Code Execution Vulnerabilities (APSB12-11)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:adobe:photoshop"], "id": "ADOBE_PHOTOSHOP_APSB12-11.NASL", "href": "https://www.tenable.com/plugins/nessus/59172", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59172);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-0275\",\n \"CVE-2012-2027\",\n \"CVE-2012-2028\",\n \"CVE-2012-2052\"\n );\n script_bugtraq_id(\n 52634,\n 53421,\n 53464,\n 55372\n );\n script_xref(name:\"EDB-ID\", value:\"18633\");\n script_xref(name:\"EDB-ID\", value:\"18862\");\n\n script_name(english:\"Adobe Photoshop < CS5 / CS5.1 Multiple Arbitrary Code Execution Vulnerabilities (APSB12-11)\");\n script_summary(english:\"Checks Photoshop version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is affected by\nmultiple arbitrary code execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Photoshop installed on the remote Windows host is\nprior to CS5 (12.0.5) or CS5.1 (12.1.1). It is, therefore, multiple\narbitrary code execution vulnerabilities :\n\n - Multiple heap-based buffer overflow conditions exist due\n to a failure to properly sanitize user-supplied input\n when decompressing and handling TIFF image files. An\n unauthenticated, remote attacker can exploit these\n issues, by convincing a user to open a specially crafted\n TIFF image file, to execute arbitrary code.\n (CVE-2012-2027, CVE-2012-2028)\n\n - A buffer overflow condition exists in the U3D.8bi plugin\n due to a failure to properly sanitize user-supplied\n input. An unauthenticated, remote attacker can exploit\n this, by convincing a user to open a file containing a\n specially crafted Collada (.dae) asset element, to\n execute arbitrary code. (CVE-2012-2052)\n\n - A heap-based buffer overflow condition exists in\n photoshop.exe due to a failure to properly sanitize\n user-supplied input when decompressing a SGI24LogLum\n compressed TIFF image. An unauthenticated, remote\n attacker can exploit this, by convincing a user to open\n a specially crafted TIFF image file, to execute\n arbitrary code. (CVE-2012-0275)\");\n # https://web.archive.org/web/20150222012212/http://protekresearchlab.com/index.php?option=com_content&view=article&id=40&Itemid=40\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?268de05d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb12-11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/photoshop/kb/security-update-photoshop.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Photoshop CS6 (13.0). Alternatively, apply the patch\nreferenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0275\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_photoshop_installed.nasl\");\n script_require_keys(\"SMB/Adobe_Photoshop/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Adobe_Photoshop/Installed\");\n\nvers = get_kb_list('SMB/Adobe_Photoshop/Version');\nif (isnull(vers)) exit(1, 'The \"SMB/Adobe_Photoshop/Version\" KB list is missing.');\n\ninfo = '';\ninfo2 = '';\nvuln = 0;\nforeach version (vers)\n{\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n path = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Path');\n if (isnull(path)) path = 'n/a';\n\n product_name = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Product');\n if(isnull(product_name)) product_name = \"Adobe Photoshop\";\n\n verui = get_kb_item('SMB/Adobe_Photoshop/'+version+'/Version_UI');\n if (isnull(verui)) verui = version;\n\n # version < 12.0.5 / 12.1.1 Vuln\n if (\n ver[0] < 12 ||\n (\n ver[0] == 12 &&\n (\n (ver[1] == 0 && ver[2] < 5) ||\n (ver[1] == 1 && ver[2] < 1)\n )\n )\n )\n {\n if (ver[0] == 12 && ver[1] == 0) fix = \"CS5 (12.0.5) / CS6 (13.0)\";\n else if (ver[0] == 12 && ver[1] == 1) fix = \"CS5.1 (12.1.1) / CS6 (13.0)\";\n else fix = \"CS6 (13.0)\";\n\n vuln++;\n info += '\\n Product : '+ product_name+\n '\\n Path : '+path+\n '\\n Installed version : '+verui+\n '\\n Fixed version : '+fix+'\\n';\n }\n else\n info2 += \" and \" + verui;\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Adobe Photoshop are\";\n else s = \" of Adobe Photoshop is\";\n\n report =\n '\\nThe following vulnerable instance'+s+' installed on the'+\n '\\nremote host :\\n'+\n info;\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n\n exit(0);\n}\n\nif (info2)\n{\n info2 -= \" and \";\n if (\" and \" >< info2) be = \"are\";\n else be = \"is\";\n\n exit(0, \"The host is not affected since Adobe Photoshop \"+info2+\" \"+be+\" installed.\");\n}\nelse exit(1, \"Unexpected error - 'info2' is empty.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:59:08", "bulletinFamily": "info", "cvelist": ["CVE-2012-4170", "CVE-2012-0275"], "description": "### *Detect date*:\n08/30/2012\n\n### *Severity*:\nCritical\n\n### *Description*:\nBuffer overflow vulnerabilities were found in Adobe Photoshop. By exploiting this vulnerability malicious users can execute arbitrary code. These vulnerabilities can be exploited from the network at a point related to an unknown application via a specially designed file or TIFF image with SGI24LogLum compression.\n\n### *Affected products*:\nAdobe Photoshop CS6 version 13.0 for Windows and Mac OS\n\n### *Solution*:\nUpdate to latest version \n[Photoshop](<https://www.adobe.com/products/photoshop.html>)\n\n### *Original advisories*:\n[Adobe bulletin](<http://www.adobe.com/support/security/bulletins/apsb12-20.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Photoshop CS6](<https://threats.kaspersky.com/en/product/Adobe-Photoshop-CS6/>)\n\n### *CVE-IDS*:\n[CVE-2012-0275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0275>)10.0Critical \n[CVE-2012-4170](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4170>)9.3Critical", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2012-08-30T00:00:00", "id": "KLA10029", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10029", "title": "\r KLA10029ACE vulnerabilities in Adobe Photoshop ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-02T11:45:07", "bulletinFamily": "info", "cvelist": ["CVE-2012-2027", "CVE-2012-2052", "CVE-2012-2028", "CVE-2012-0275"], "description": "### *Detect date*:\n05/08/2012\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Adobe Photoshop. Malicious users can exploit these vulnerabilities to execute arbitrary code.\n\n### *Affected products*:\nAdobe Photoshop CS5.1 versions 12.1 and earlier for Windows and Mac OS\n\n### *Solution*:\nUpdate to latest version \n[Photoshop](<https://www.adobe.com/products/photoshop.html>)\n\n### *Original advisories*:\n[Adobe bulletin](<http://www.adobe.com/support/security/bulletins/apsb12-11.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Adobe Photoshop](<https://threats.kaspersky.com/en/product/Adobe-Photoshop/>)\n\n### *CVE-IDS*:\n[CVE-2012-2028](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2028>)9.3Critical \n[CVE-2012-2052](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2052>)9.3Critical \n[CVE-2012-0275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0275>)10.0Critical \n[CVE-2012-2027](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2027>)9.3Critical", "edition": 40, "modified": "2020-05-22T00:00:00", "published": "2012-05-08T00:00:00", "id": "KLA10030", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10030", "title": "\r KLA10030ACE vulnerabilities in Adobe Photoshop ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-02-02T15:23:39", "description": "Adobe Photoshop CS6 - PNG Parsing Heap Overflow. CVE-2012-4170. Dos exploit for windows platform", "published": "2012-09-01T00:00:00", "type": "exploitdb", "title": "Adobe Photoshop CS6 - PNG Parsing Heap Overflow", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-4170"], "modified": "2012-09-01T00:00:00", "id": "EDB-ID:20971", "href": "https://www.exploit-db.com/exploits/20971/", "sourceData": "#####################################################################################\r\nApplication: Adobe Photoshop CS6 PNG Parsing Heap Overflow\r\n\r\nPlatforms: Windows & Macintosh\r\nVersions: 13.x\r\nSecunia: SA49141\r\n\r\n{PRL}: 2012-27\r\n\r\nAuthor: Francis Provencher (Protek Research Lab's) \r\n\r\nWebsite: http://www.protekresearchlab.com/\r\n\r\nTwitter: @ProtekResearch\r\n\r\n#####################################################################################\r\n\r\n1) Introduction\r\n2) Report Timeline\r\n3) Technical details\r\n4) POC\r\n\r\n\r\n#####################################################################################\r\n\r\n===============\r\n1) Introduction\r\n===============\r\n \r\nAdobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated.\r\nAdobe's 2003 \"Creative Suite\" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS.\r\nThus, Adobe Photoshop CS6 is the 13th major release of Adobe Photoshop. The CS rebranding also resulted\r\nin Adobe offering numerous software packages containing multiple Adobe programs for a reduced price.\r\nAdobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, with the\r\nExtended having extra 3D image creation, motion graphics editing, and advanced image analysis features.[6]\r\nAdobe Photoshop Extended is included in all of Adobe's Creative Suite offerings except Design Standard,\r\nwhich includes the Adobe Photoshop edition. Alongside Photoshop and Photoshop Extended, Adobe also\r\npublishes Photoshop Elements and Photoshop Lightroom, collectively called \"The Adobe Photoshop Family\".\r\nIn 2008, Adobe released Adobe Photoshop Express, a free web-based image editing tool to edit photos directly\r\non blogs and social networking sites; in 2011 a version was released for the Android operating system and the\r\niOS operating system.[7][8] Adobe only supports Windows and Macintosh versions of Photoshop, but using Wine,\r\nPhotoshop CS6 can run well on Linux\r\n \r\n(http://en.wikipedia.org/wiki/Adobe_Photoshop)\r\n#####################################################################################\r\n\r\n============================\r\n2) Report Timeline\r\n============================\r\n\r\n2012-05-10 Vulnerability reported to Secunia\r\n2012-08-31 Publication of this advisory \r\n\r\n#####################################################################################\r\n\r\n============================\r\n3) Technical details\r\n============================\r\nThe vulnerability is caused due to a boundary error in the \"Standart MultiPlugin.8BF\" module\r\nwhen processing a Portable Network Graphics (PNG) image. This can be exploited to cause\r\na heap-based buffer overflow via a specially crafted \"tRNS\" chunk size. Successful exploitation\r\nmay allow execution of arbitrary code, but requires tricking a user into opening a malicious image.\r\n\r\n#####################################################################################\r\n\r\n===========\r\n4) POC\r\n===========\r\n\r\nhttp://www.protekresearchlab.com/exploits/PRL-2012-27.png\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20971.png\r\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/20971/"}], "seebug": [{"lastseen": "2017-11-19T17:52:54", "description": "BUGTRAQ ID: 55333\r\nCVE ID: CVE-2012-4170\r\n\r\nPhotoshop\u662f\u7531Adobe\u516c\u53f8\u5f00\u53d1\u7684\u56fe\u5f62\u5904\u7406\u7cfb\u5217\u8f6f\u4ef6\u4e4b\u4e00\uff0c\u4e3b\u8981\u5e94\u7528\u4e8e\u5728\u56fe\u50cf\u5904\u7406\u3001\u5e7f\u544a\u8bbe\u8ba1\u7684\u4e00\u4e2a\u7535\u8111\u8f6f\u4ef6\u3002\r\n\r\nAdobe Photoshop CS6 (13.0)\u5728\u5904\u7406\u67d0\u4e9b\u683c\u5f0f\u7684\u6587\u4ef6\u65f6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5f53\u53d7\u5bb3\u8005\u6253\u5f00\u4e00\u4e2a\u6076\u610f\u6587\u4ef6\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u53d7\u5bb3\u8005\u8eab\u4efd\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u63a7\u5236\u8ba1\u7b97\u673a\u3002\n0\nAdobe Photoshop CS6 (13.0)\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08apsb12-20\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\napsb12-20\uff1aSecurity update available for Adobe Photoshop CS6\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb12-20.html", "published": "2012-09-04T00:00:00", "type": "seebug", "title": "Adobe Photoshop CS6 (13.0) \u8fdc\u7a0b\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-4170"], "modified": "2012-09-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60355", "id": "SSV:60355", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-0275"], "description": "\r\n\r\n====================================================================== \r\n\r\n Secunia Research 03/09/2012\r\n\r\n - Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow -\r\n\r\n====================================================================== \r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nVendor's Description of Software.....................................3\r\nDescription of Vulnerability.........................................4\r\nSolution.............................................................5\r\nTime Table...........................................................6\r\nCredits..............................................................7\r\nReferences...........................................................8\r\nAbout Secunia........................................................9\r\nVerification........................................................10\r\n\r\n====================================================================== \r\n1) Affected Software \r\n\r\n* Adobe Photoshop CS5\r\n* Adobe Photoshop CS5.1\r\n* Adobe Photoshop CS6\r\n\r\nNOTE: Other versions may also be affected.\r\n\r\n====================================================================== \r\n2) Severity \r\n\r\nRating: Highly Critical\r\nImpact: System Compromise\r\nWhere: Remote\r\n\r\n====================================================================== \r\n3) Vendor's Description of Software \r\n\r\n"Adobe Photoshop CS6 software delivers even more imaging magic, new \r\ncreative options, and the Adobe Mercury Graphics Engine for blazingly\r\nfast performance.".\r\n\r\nProduct Link:\r\nhttp://www.adobe.com/products/photoshop.html\r\n\r\n====================================================================== \r\n4) Description of Vulnerability\r\n\r\nSecunia Research has discovered a vulnerability in Adobe Photoshop, \r\nwhich can be exploited by malicious people to compromise a user's \r\nsystem.\r\n\r\nThe vulnerability is caused by insufficient validation in \r\nPhotoshop.exe when decompressing SGI24LogLum-compressed TIFF images. \r\nThis can be exploited via a specially crafted TIFF image to cause a \r\nheap-based buffer overflow.\r\n\r\nSuccessful exploitation may allow execution of arbitrary code.\r\n\r\n====================================================================== \r\n5) Solution \r\n\r\nUpdate to version 12.0.5, 12.1.1, or 13.0.1.\r\n\r\n====================================================================== \r\n6) Time Table \r\n\r\n27/03/2012 - Vendor notified.\r\n27/03/2012 - Vendor response.\r\n08/05/2012 - Vulnerability addressed in CS5 and CS5.1 via APSB12-11.\r\n04/07/2012 - Status update requested.\r\n04/07/2012 - Vendor confirms fix in APSB12-11 and confirms that CS6 \r\n is still vulnerable. Fix to be included in next update.\r\n30/08/2012 - APSB12-20 released. Vulnerability fixed, but no mention \r\n of it in the security bulletin. Vendor contacted for \r\n status update.\r\n31/08/2012 - Vendor confirmation that vulnerability was addressed. \r\n APSB12-11 and APSB12-20 updated accordingly.\r\n03/09/2012 - Public disclosure.\r\n\r\n====================================================================== \r\n7) Credits \r\n\r\nDiscovered by Carsten Eiram, Secunia Research.\r\n\r\n====================================================================== \r\n8) References\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \r\nCVE-2012-0275 for the vulnerability.\r\n\r\n====================================================================== \r\n9) About Secunia\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://secunia.com/advisories/business_solutions/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private \r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/advisories/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the \r\nsecurity and reliability of software in general:\r\n\r\nhttp://secunia.com/secunia_research/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/corporate/jobs/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/advisories/mailing_lists/\r\n\r\n====================================================================== \r\n10) Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2012-29/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================\r\n", "edition": 1, "modified": "2012-09-04T00:00:00", "published": "2012-09-04T00:00:00", "id": "SECURITYVULNS:DOC:28533", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28533", "title": "Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-0275"], "description": "Buffer overflow on TIFF parsing.", "edition": 1, "modified": "2012-09-04T00:00:00", "published": "2012-09-04T00:00:00", "id": "SECURITYVULNS:VULN:12575", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12575", "title": "Adobe Photoshop buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}