Vulners
Lucene search
Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1)
| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
 | Adobe Bridge CC < 6.2 Multiple Memory Corruption Vulnerabilities (APSB16-03) | 12 Feb 201600:00 | – | nessus |
| Adobe Photoshop CC < 15.2.4 / 16.1.2 Multiple Memory Corruption Vulnerabilities (APSB16-03) | 12 Feb 201600:00 | – | nessus |
| Adobe Bridge CC < 6.2 Multiple Memory Corruption Vulnerabilities (APSB16-03) (Mac OS X) | 12 Feb 201600:00 | – | nessus |
| Adobe Photoshop CC < 15.2.4 / 16.1.2 Multiple Memory Corruption Vulnerabilities (APSB16-03) (Mac OS X) | 12 Feb 201600:00 | – | nessus |
 | The vulnerability of the Adobe Photoshop graphic editor and the Adobe Bridge file manager allows a hacker to trigger a service failure or execute arbitrary code. | 2 Mar 201600:00 | – | bdu_fstec |
 | CVE-2016-0951 | 9 Feb 201600:00 | – | circl |
 | Adobe Photoshop CC Denial of Service Vulnerability | 11 Feb 201600:00 | – | cnvd |
 | CVE-2016-0951 | 10 Feb 201620:00 | – | cve |
 | CVE-2016-0951 | 10 Feb 201620:00 | – | cvelist |
 | CVE-2016-0951 | 10 Feb 201620:59 | – | nvd |
10
#####################################################################################
Application: Adobe Photoshop CC & Bridge CC PNG file parsing memory corruption
Platforms: Windows
Versions: Bridge CC 6.1.1 and earlier versions
Version: Photoshop CC 16.1.1 (2015.1.1) and earlier versions
CVE; 2016-0951
Author: Francis Provencher of COSIG
Twitter: @COSIG_
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) POC
#####################################################################################
===============
1) Introduction
===============
Adobe Photoshop is a raster graphics editor developed and published by Adobe Systems for Windows and OS X.
(https://en.wikipedia.org/wiki/Adobe_Photoshop)
#####################################################################################
============================
2) Report Timeline
============================
2015-11-11: Francis Provencher from COSIG report the issue to PSIRT (ADOBE);
2016-02-09: Adobe release a patch (APSB16-03);
2016-02-09: COSIG release this advisory;
#####################################################################################
============================
3) Technical details
============================
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Photoshop CC & Bridge CC. User interaction is required to exploit this vulnerability in that the target must open a malicious file. By providing a malformed PNG file with an invalid uint32 Length, an attacker can cause an heap memory corruption. An attacker could leverage this to execute arbitrary code under the context of the application.
#####################################################################################
===========
4) POC
===========
(Theses files must be in the same folder for Bridge CC)
http://protekresearchlab.com/exploits/COSIG-2016-08-1.png
http://protekresearchlab.com/exploits/COSIG-2016-08-2.png
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39429.zip
###############################################################################
# 0day.today [2018-01-03] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Feb 2016 00:00Current
9.2High risk
Vulners AI Score9.2
EPSS0.17548