Adobe.Photoshop.Style.Layer.Code.Execution

Release Date May 20, 2010
Severity critical
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attempt to exploit a remote Code Execution vulnerability in Adobe Photoshop. The vulnerability is caused by an error that occurs when parsing a crafted ".ASL", ".ABR" or ".GRD" file. A remote attacker may exploit this to execute arbitrary code.
Affected Products Adobe Photoshop CS4 version 11.0.1 and earlier for Windows and Macintosh Adobe Photoshop Elements 8.0 Adobe Photoshop Elements 7.0
Recommended Actions Refer to the vendor's web site for the suggested workaround: http://www.adobe.com/support/security/bulletins/apsb10-13.html http://www.adobe.com/support/security/advisories/apsa11-03.html
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2010-1296 CVE-2011-2443
Reference/s http://www.securityfocus.com/bid/40389 (BugTraq) http://www.exploit-db.com/exploits/12753 http://www.exploit-db.com/exploits/12752 http://www.adobe.com/support/security/bulletins/apsb10-13.html http://www.exploit-db.com/exploits/12751 http://www.adobe.com/support/security/advisories/apsa11-03.html http://www.securityfocus.com/bid/49905 (BugTraq)

Fortinet