Multiple Image Editing Applications .PNG Format Handling Remote Buffer Overflow Vulnerability

Multiple Image Editing Applications .PNG Format Handling Remote Buffer Overflow Vulnerability

Multiple image editors are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successful exploits allow remote attackers to execute arbitrary machine code in the context of a vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.

The following are vulnerable:

Adobe Photoshop CS2, CS3, and Elements 5.0
Corel Paint Shop Pro 11.20

Other versions may also be affected.