Vulnerability Description
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Golive | 9 |
| Adobe | Illustrator | cs3 |
| Adobe | Photoshop | 9.0.2 |
| Adobe | Photoshop Elements | 5.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/35465
- http://osvdb.org/38063
- http://secunia.com/advisories/25044Vendor Advisory
- http://secunia.com/advisories/26846Vendor Advisory
- http://secunia.com/advisories/26864Vendor Advisory
- http://securitytracker.com/id?1018792
- http://www.adobe.com/support/security/bulletins/apsb07-13.html
- http://www.adobe.com/support/security/bulletins/apsb07-16.html
- http://www.adobe.com/support/security/bulletins/apsb07-17.html
- http://www.securityfocus.com/bid/23698
- http://www.vupen.com/english/advisories/2007/1577
- http://www.vupen.com/english/advisories/2007/3442
- http://www.vupen.com/english/advisories/2007/3443
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33956
- https://www.exploit-db.com/exploits/3812
FAQ
What is CVE-2007-2365?
CVE-2007-2365 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
How severe is CVE-2007-2365?
CVE-2007-2365 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2365?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Golive, Adobe Illustrator, Adobe Photoshop, Adobe Photoshop Elements.