Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Security updates available for Adobe Photoshop CC

Togijak

By Togijak
in Security & Privacy News

Recommended Posts

Togijak

Togijak

Posted
Posted

Release date: April 11, 2017

Vulnerability identifier: APSB17-12

Priority: 3

CVE number: CVE-2017-3004, CVE-2017-3005

Platform: Windows and Macintosh

Summary

Adobe has released updates for Photoshop CC for Windows and Macintosh. These updates resolve a critical memory corruption vulnerability when parsing malicious PCX files that could lead to code
execution (CVE-2017-3004). These updates also resolve an unquoted search path vulnerability in
Photoshop on Windows (CVE-2017-3005).

Affected software versions

Product Affected version Platform
Adobe Photoshop CC 2017 18.0.1 and earlier versions Windows and Macintosh
Adobe Photoshop CC 2015.5 17.0.1 (2015.5.1) and earlier versions Windows and Macintosh

Solution

Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page.

 

Product Updated version Platform Priority rating
Adobe Photoshop CC 2017 18.1 Windows and Macintosh 3
Adobe Photoshop CC 2015.5 17.0.2 (2015.5.2) Windows and Macintosh 3

For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager. 

Vulnerability details

  • These updates resolve a memory corruption vulnerability when parsing malicious PCX files that could lead to code execution (CVE-2017-3004).
  • These updates resolve an unquoted search path vulnerability in Photoshop on Windows (CVE-2017-3005).

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

  • Kushal Arvind Shah of Fortinet's FortiGuard Labs (CVE-2017-3004)
  • Cyril Vallicari / HTTPCS – Ziwit (CVE-2017-3005)

 

https://helpx.adobe.com/security/products/photoshop/apsb17-12.html

Link to comment
Share on other sites
  • Replies 1
  • Views 631
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...