Check Point Provides Network Protection Against Adobe Photoshop Remote Code Execution Vulnerability
( APSB-11-22, CVE-2011-2131 )
Summary
A remote code execution vulnerability has been discovered in Adobe Photoshop. The Check Point IPS Software Blade provides network protection against this issue in the latest IPS update.
Details
This vulnerability is due to insufficient boundary checking while handling GIF files, which can result in heap corruption. A remote attacker may trigger this vulnerability by enticing an unsuspecting user to open a maliciously crafted GIF file. Successful exploitation would allow an attacker to execute arbitrary code on the system, in the security context of the logged on user. An unsuccessful code execution could terminate the application, resulting in a denial of service condition.
Affected Products
This issue affects Photoshop CS5.1 and earlier.
Solution
The patch described in APSB-11-22 should be deployed as soon as is practical. In the meantime, the Check Point IPS Software Blade provides protection for unpatched systems at the network level by blocking attempts to transfer malicious GIF files. For more information, see CPAI-2011-429.
Originally Published:
Last Updated: 08-Nov-2011