Vulnerability Description
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Golive | 9 |
| Adobe | Illustrator | cs3 |
| Adobe | Photoshop | 9.0.2 |
Related Weaknesses (CWE)
References
- http://osvdb.org/38064
- http://osvdb.org/38065
- http://osvdb.org/38066
- http://secunia.com/advisories/25023Vendor Advisory
- http://secunia.com/advisories/26846Vendor Advisory
- http://secunia.com/advisories/26864Vendor Advisory
- http://securitytracker.com/id?1018792
- http://www.adobe.com/support/security/bulletins/apsb07-13.html
- http://www.adobe.com/support/security/bulletins/apsb07-16.html
- http://www.adobe.com/support/security/bulletins/apsb07-17.html
- http://www.osvdb.org/35370
- http://www.securityfocus.com/bid/23621Exploit
- http://www.securitytracker.com/id?1017962
- http://www.vupen.com/english/advisories/2007/1523Vendor Advisory
- http://www.vupen.com/english/advisories/2007/3442Vendor Advisory
FAQ
What is CVE-2007-2244?
CVE-2007-2244 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file.
How severe is CVE-2007-2244?
CVE-2007-2244 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2244?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Golive, Adobe Illustrator, Adobe Photoshop.