Adobe Camera Raw Plug-In Multiple Vulnerabilities
High Nessus Plugin ID 63300
SynopsisThe remote host has a software plug-in installed that is affected by multiple vulnerabilities.
DescriptionThe version of the Adobe Camera Raw plug-in installed on the remote host is affected by the following vulnerabilities :
- A flaw exists when processing an LZW compressed TIFF image that can be exploited to cause a heap-based buffer underflow via a specially crafted LZW code within an image row strip. (CVE-2012-5679)
- An integer overflow error exists when allocating memory during TIFF image processing that can be exploited to cause a heap-based buffer overflow via specially crafted image dimensions. (CVE-2012-5680)
These vulnerabilities can be exploited by tricking a user into opening a specially crafted file and could allow an attacker to execute arbitrary code.
SolutionUpgrade to Camera Raw Plug-In 6.7.1 / 7.3 or later.