Showing results for 
Search instead for 
Did you mean: 

Adobe Photoshop - Unpatched BMP image vulnerability

Adobe is working to promptly correct this security issue. Users should be careful in loading image files into the Photoshop environment (esp. from email, USB devices, or any other untrusted sources)

Adobe Products BMP Handling Buffer Overflow Vulnerability

QUOTE: Successful exploitation may allow execution of arbitrary code via a specially crafted BMP file. Reportedly, the vulnerability can also be exploited when a malicious storage device (e.g. USB drives, cameras) is being attached to a vulnerable computer. The vulnerability is reported in Adobe Photoshop Album Starter Edition 3.2 and Adobe After Effects CS3. Other versions may also be affected.

Solution: Do not process untrusted BMP files using the affected applications. Do not connect untrusted storage devices to the local computer.

Original Advisory - Adobe: