> Adobe Products PNG.8BI PNG File Handling Buffer Overflow
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Highly critical
> System access
> From remote
> Adobe Photoshop Elements 5.x
> Adobe Photoshop CS3
> Adobe Photoshop CS2
> Marsu has discovered a vulnerability in various Adobe Products, which
> can be exploited by malicious people to compromise a user's system.
> The vulnerability is caused due to a boundary error within the
> PNG.8BI Photoshop Format Plugin when handling PNG files. This can be
> exploited to cause a stack-based buffer overflow via a specially
> crafted PNG file.
> Successful exploitation allows execution of arbitrary code.
> The vulnerability is confirmed in Adobe Photoshop CS2 and Adobe
> Photoshop Elements (Editor) version 5.0 for Windows and reportedly
> affects Adobe Photoshop CS3.
> Do not open untrusted PNG files.
> PROVIDED AND/OR DISCOVERED BY:
> ORIGINAL ADVISORY: