Adobe Photoshop CC 17.x < 17.0.2 / 18.x < 18.1 Multiple Vulnerabilities (APSB17-12)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote host has an application installed that is affected by
multiple vulnerabilities.

Description :

The version of Adobe Photoshop CC installed on the remote Windows host
is 17.x prior to 17.0.2 (2015.5.2) or 18.x prior to 18.1 (2017.1.0).
It is, therefore, affected by multiple vulnerabilities :

- A memory corruption issue exists due to improper
handling of PCX files. An unauthenticated, remote
attacker can exploit this, by convincing a user to open
a specially crafted PCX file, to execute arbitrary code.

- An unquoted search path flaw exists that allows an
attacker to elevate privileges via a malicious
executable in the root path. (CVE-2017-3005)

See also :

Solution :

Upgrade to Adobe Photoshop CC version 17.0.2 (2015.5.2) / 18.1
(2017.1.0) or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 99369 ()

Bugtraq ID: 97553

CVE ID: CVE-2017-3004

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now