Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Advisories

Advisories

Adobe Illustrator Lets Hackers Compromise Your Machine!

This is serious!

By Alexandru Dumitru, Security News Editor

10th of October 2007, 09:35 GMT

Adjust text size:



Enlarge picture
Adobe products are very popular and if they're found with flaws, it means that a lot of machines are vulnerable. And if the recent Adobe-related bad news wasn't enough, other two vulnerabilities have been disclosed in Adobe Illustrator CS3.
The flaws are related to PNG/BMP file processing, and let me tell you that they're not something to you should take lightly. Secunia experts have dubbed these vulnerabilities as highly critical, and I had to agree on the level of severity, after seeing what these could cause.

A vendor patch has been released to prevent malicious users abusing these vulnerabilities and remotely accessing an affected machine. The system could be compromised if a malicious user exploited the flaws. As Secunia informs, the vulnerabilities are caused due to input validation errors in PNG.8BI and BMP.8BI when processing PNG and BMP image files. These can be exploited to cause heap-based buffer overflows when e.g. opening a specially crafted .PNG or .BMP file. Specially crafted means malicious in this case, so don't panic - if you only use it with trusted files, then you shouldn't fear getting hacked via this program!

The CS3 version is affected, but knowing how developers recycle code, prior versions may also be affected as well. In any case, you can stay safe if you patch it up - there is no simple way to go around this, so that's why the vendor issued an advisory. There is no file that you can just install, follow a "next next next finish" installation process - there are more measures that you need to take. These are all described in the advisory for which I already provided a link, both for Macintosh users as well as for people who use Windows. I advise you to be careful and stick to the steps they recommend - doing otherwise might screw things up even worse!

TAGS:

 Adobe | Illustrator | vulnerabilities


Rating:
Good (3.1/5) 7 vote(s) so far    

Read by 405 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


New Vulnerabilities Discovered in Adobe's Products

Adobe CS3 Live In March

Adobe Photoshop Online Edition Coming Soon

Adobe Does Not Support Windows Vista at All!

Adobe Ships Creative Suite 3

Adobe: Vista Home Basic Is Nothing! Worse Than Windows XP!

Adobe Flex Builder for Linux

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive