CVE-2012-4170
critical
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
10.0
Description
Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Adobe Photoshop CS6 - '.png' Parsing Heap Overflow
#####################################################################################
Application: Adobe Photoshop CS6 PNG Parsing Heap Overflow
Platforms: Windows & Macintosh
Versions: 13.x
Secunia: SA49141
{PRL}: 2012-27
Author: Francis Provencher (Protek Research Lab's)
Website: http://www.protekresearchlab.com/
Twitter: @ProtekResearch
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) POC
#####################################################################################
===============
1) Introduction
===============
Adobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated.
Adobe's 2003 "Creative Suite" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS.
Thus, Adobe Photoshop CS6 is the 13th major release of Adobe Photoshop. The CS rebranding also resulted
in Adobe offering numerous software packages containing multiple Adobe programs for a reduced price.
Adobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, with the
Extended having extra 3D image creation, motion graphics editing, and advanced image analysis features.[6]
Adobe Photoshop Extended is included in all of Adobe's Creative Suite offerings except Design Standard,
which includes the Adobe Photoshop edition. Alongside Photoshop and Photoshop Extended, Adobe also
publishes Photoshop Elements and Photoshop Lightroom, collectively called "The Adobe Photoshop Family".
In 2008, Adobe released Adobe Photoshop Express, a free web-based image editing tool to edit photos directly
on blogs and social networking sites; in 2011 a version was released for the Android operating system and the
iOS operating system.[7][8] Adobe only supports Windows and Macintosh versions of Photoshop, but using Wine,
Photoshop CS6 can run well on Linux
(http://en.wikipedia.org/wiki/Adobe_Photoshop)
#####################################################################################
============================
2) Report Timeline
============================
2012-05-10 Vulnerability reported to Secunia
2012-08-31 Publication of this advisory
#####################################################################################
============================
3) Technical details
============================
The vulnerability is caused due to a boundary error in the "Standart MultiPlugin.8BF" module
when processing a Portable Network Graphics (PNG) image. This can be exploited to cause
a heap-based buffer overflow via a specially crafted "tRNS" chunk size. Successful exploitation
may allow execution of arbitrary code, but requires tricking a user into opening a malicious image.
#####################################################################################
===========
4) POC
===========
http://www.protekresearchlab.com/exploits/PRL-2012-27.png
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20971.pngApplication impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | photoshop_cs6 | 13.0 | |
References
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.