##################################################################################### |
Application: Adobe Photoshop CS5 GIF Remote Code Execution |
Platforms: Adobe Photoshop CS5 (12.0 and 12.1) |
Exploitation: Remote code execution |
CVE Number: CVE-2011-2131 |
Adobe Vulnerability Identifier: APSB11-22 |
{PRL}: 2011-08 |
Author: Francis Provencher (Protek Research Lab's) |
Website: http://www.protekresearchlab.com/ |
Twitter: @ProtekResearch |
##################################################################################### |
1) Introduction |
2) Timeline |
3) Technical details |
4) PoC |
##################################################################################### |
=============== |
1) Introduction |
=============== |
Adobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated. |
Adobe's 2003 "Creative Suite" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS. Thus, |
Adobe Photoshop CS5 is the 12th major release of Adobe Photoshop. The CS rebranding also resulted |
in Adobe offering numerous software packages containing multiple Adobe programs for a reduced price. |
Adobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, |
with the Extended having extra 3D image creation, motion graphics editing, and advanced image |
analysis features.[3]. Adobe Photoshop Extended is included in all of Adobe's Creative Suite offerings |
except Design Standard, which includes the Adobe Photoshop edition. |
http://en.wikipedia.org/wiki/Adobe_Photoshop |
##################################################################################### |
============================ |
2) Timeline |
============================ |
2011-06-14 - Vulnerability reported to vendor |
2011-09-09 - Coordinated public release of advisory |
##################################################################################### |
============================ |
3) Technical details |
============================ |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations |
of Adobe PhotoShop CS5. User interaction is required to exploit this vulnerability in that the |
target must open a malicious GIF file. When the "ushort ImageHeight" is crafted with an invalid value |
the memory is corrupted and arbitrary code can be run on the remote host. |
##################################################################################### |
=========== |
4) The Code |
=========== |
http://www.protekresearchlab.com/exploits/PRL-2011-08.gif |
http://exploit-db.com/sploits/17712.zip |
출처 : Exploit-DB
728x90
댓글