Last updated: August 31, 2012
Vulnerability identifier: APSB12-20
Priority: 3
CVE number: CVE-2012-4170, CVE-2012-0275
Platform: Windows and Macintosh
Summary
Adobe has released a security update for Adobe Photoshop CS6 (13.0) for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.Note that Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh are not affected by these vulnerabilities. No update is required for users of Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh.
Affected software versions
Adobe Photoshop CS6 (13.0) for Windows and Macintosh(Note: Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh are not affected by these vulnerabilities. No update is required for users of Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh.)
Solution
Adobe has released Adobe Photoshop CS6 (13.0.1) to address the vulnerabilities highlighted in this security bulletin.Adobe recommends users of Adobe Photoshop CS6 (13.0) update their product installations by following the instructions provided in the technote: http://blogs.adobe.com/photoshopdotcom/2012/08/photoshop-cs6-13-0-1-update-now-available.html.
Priority and Severity ratings
Adobe categorizes this update with the following priority rating:Product | Updated Version | Platform | Priority Rating |
---|---|---|---|
Adobe Photoshop | CS6 (13.0.1) | Windows and Macintosh | 3 |
This update addresses critical vulnerabilities in the software.
Details
Adobe has released a security update for Adobe Photoshop CS6 (13.0) for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.Note that Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh are not affected by these vulnerabilities. No update is required for users of Adobe Photoshop CS5.1 (12.1.1) and Adobe Photoshop CS5 (12.0.5) and earlier versions for Windows and Macintosh.
This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2012-4170).
This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2012-0275).
Acknowledgments
Adobe would like to thank the following individual and organization for reporting the relevant issues and for working with Adobe to help protect our customers:- Francis Provencher via Secunia SVCRP (CVE-2012-4170)
- Carsten Eiram, Secunia Research (CVE-2012-0275)
No comments:
Post a Comment