Preemptive Protection against Adobe Products PNG Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2007-056 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA25044 | |
| Industry Reference(s): | CVE-2007-2365 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Adobe Systems Adobe Photoshop CS 2 Adobe Systems Adobe Photoshop CS 3 Adobe Systems Adobe Photoshop Elements (Editor) for Windows 5.0 | ||
| Vulnerability Description A remote code execution vulnerability has been discovered in the way several Adobe products process PNG files. PNG (Portable Network Graphics) is a bitmapped image format that is used as an alternative to other image formats such as GIF and TIFF. By persuading a user to open a specially crafted PNG image file, an attacker may be able to execute arbitrary code on an affected system. |
||
|
Vulnerability Details The vulnerability is due to a boundary error in the PNG.8BI plugin in the Adobe Photoshop that fails to properly handle malformed PNG files. By convincing a user to visit a specially crafted HTML documents or open a malicious web page, a remote attacker could create a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code on a vulnerable system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block the transferring of malformed PNG files over HTTP. No update is required to address this vulnerability.
Users are protected against this vulnerability if the PNG protection for blocking malformed files in the Solution section of CPAI-2005-99 has been applied.
To configure the defense, select your product from the list below and follow the related protection steps.
VPN-1 NGX R65 & R62
How Can I Protect My Network?
1. In the SmartDefense tab, click Application Intelligence > Content Protection.
2. Select the following:
Malformed PNG
3. In the configuration pane, under Settings > Mode, check Active.
4. Install policy on all modules.
How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: PNG Content Protection Violation
Attack Information: Malformed PNG
VPN-1 NGX R61, R60, VPN-1 NG with Application Intelligence R55W
How Can I Protect My Network?
1. In the SmartDefense tree, click Application Intelligence > Content Protection.
2. Select the following:
Malformed PNG
3. Install policy on all modules.
How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: PNG Content Protection Violation
Attack Information: Malformed PNG
VPN-1 NG with Application Intelligence R55
How Can I Protect My Network?
1. In the SmartDefense tree, click Application Intelligence > Content Protection.
2. Select the following:
Malformed PNG
3. Install policy on all modules.
How Do I Know if My Network is Under Attack?
Rule #99803 will appear on the SmartView Tracker.
VPN-1 VSX NGX
How Can I Protect My Network?
1. In the SmartDefense tree, click Application Intelligence > Content Protection.
2. Select the following:
Malformed PNG
3. Install policy on all modules.
How Do I Know if My Network is Under Attack?
Rule #99803 will appear on the SmartView Tracker.
InterSpect NGX
How Can I Protect My Network?
1. In the left pane, select Profiles > Default Protection and select the SmartDefense page of the profile.
2. In the SmartDefense tree, click Application Intelligence > Content Protection.
3. Select the following protection:
Malformed PNG
4. Install security policy on all modules.
How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: PNG Content Protection Violation
Attack Information: Malformed PNG
InterSpect 2.0
How Can I Protect My Network?
1. In the SmartDefense tree, click Application Intelligence > Content Protection.
2. Select the following pattern:
Malformed PNG
3. Install security policy on all modules.
How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:
Attack Name: PNG Content Protection Violation
Attack Information: Malformed PNG