Security Holes Found in Photoshop CS2, CS3

Unpatched vulnerabilities found in Adobe Photoshop CS2 and CS3 could put users' computers at risk.

Jeremy Kirk, IDG News Service

Tuesday, May 01, 2007 8:00 AM PDT

A pair of security vulnerabilities found in certain versions of Adobe Systems Inc.'s popular Photoshop products could put users' computers at risk, according to security researchers. Neither flaw has been patched yet.

One vulnerability is caused by an error in how the BMP.8BI Photoshop Format Plugin processes bitmap files, according to a warning posted by Secunia ApS, a security vendor based in Denmark. A malicious bitmap could cause a stack-based buffer overflow that would allow control over the victim's computer.

Secunia, which rates the problem as "highly critical," one of its more severe ratings, advised users not to open untrusted bitmap images. The problem affects Photoshop CS2 and CS3, and could affect other products, Secunia said.

A second vulnerability, also "highly critical," comes from a problem in the PNG.8BI Photoshop Format Plugin, Secunia said. A stack-based buffer overflow is also possible if a user opens a malicious .PNG file, an image format. Users should not open unexpected .PNG files.

Products affected included Photoshop CS2, CS3 and 5.x versions of Photoshop Elements, Secunia said in its warning. The vendor attributed the discovery of both vulnerabilities to a security researcher named Marsu.

I'm done. Free.

Almost two years of being in a workplace that i considered my second home, I have decided to leave.

I dedicate this space for the two years of not speaking up, frustrations, guilt, anger and loneliness.

But most of all, I will be missing friends. Friends that I treasured so much. Friends that I've valued for almost two years. Friends that I considered one but never returned such kindness I gave them. Friends to which I loved. Friends to which who broke my heart. Friends who inspires me. Friends who gives me headache. Friends that I valued so much.

You will always be remembered.