漏洞类别:Local
漏洞等级: 
漏洞信息
Adobe Photoshop is an application that allows users to view and edit various graphic formats.
Adobe has released an update for Photoshop CC which fixes the following issues:
- This update resolves a critical memory corruption vulnerability when parsing malicious PCX files that could lead to code execution (CVE-2017-11303).
- This update resolves an unquoted search path vulnerability in Photoshop on Windows (CVE-2017-11304).
Affected Versions:
Photoshop CC 2017 18.1.1 (2017.1.1) and earlier versions
QID Detection Logic (Authenticated):
This checks for vulnerable version of Adobe Photoshop.
漏洞危害
Successful exploitation could allow an attacker to execute arbitrary code on a targeted system.
解决方案
The vendor has released updates to fix the vulnerabilities. Please refer to Adobe advisory APSB17-34 for details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论