LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (http://www.linuxquestions.org/questions/general-10/)
-   -   Security flaw in Photoshop (http://www.linuxquestions.org/questions/general-10/security-flaw-in-photoshop-669040/)

texasone 09-10-2008 05:58 PM

Security flaw in Photoshop
 
OK, first of, mods, please move if in the wrong section.

But anyways, this is brought up as a result of crummy programming from Adobe/Macromedia. In school, we have to use PhotoShop as our image editing software for webdesign. And during cropping, my teacher found out that the default setting was inches instead of pixels as the total crop size, and when a number too big for the program to read is put in, it crashes. Which happens a lot as many people use photos over 100 pixels and might forget to add px to the end so it doesn't go to inches. But to the main question: I know that when a program ends, it can lead a cracker to a way to break into your machine. I was wondering if this glitch/bug is strong enough for a security flaw in the system, or would it not allow the cracker far enough into your system to get any information like passwords??

rocket357 09-10-2008 06:15 PM

While it's true that most vulnerabilities are software bugs, the reverse is NOT true. Not all bugs are exploitable. For an attacker to utilize a bug like this, the attacker would need access to the buggy software...meaning this might lead to a local privilege escalation attack, but being that Photoshop does not listen on any ports (AFAIK), it's not likely that an attacker could use this for remotely "breaking in".

Now if this "bug" is proven to be exploitable for privilege escalation, and the attacker can exploit a service to gain a foothold on the system, then a bug like this could lead to a complete machine takeover...but I'd think that's rather unlikely. (I should hope you aren't running Photoshop suid)

ErV 09-10-2008 06:24 PM

Quote:

Originally Posted by texasone (Post 3276397)
I was wondering if this glitch/bug is strong enough for a security flaw in the system, or would it not allow the cracker far enough into your system to get any information like passwords??

No.
Your program crashes with access violation caused by user actions, and doesn't connect to network. For remote code execution, bug (AFAIK) requires buffer overrun caused by data provided by external source connected via network, which doesn't always cause crash. It's unlikely that problem your mentioned might allow anyone to break in.


All times are GMT -5. The time now is 01:02 AM.