Adobe Photoshop CC 17.x < 17.0.2 / 18.x < 18.1 PCX File Handling Arbitrary Code Execution (APSB17-12) (macOS)
High Nessus Plugin ID 99370
SynopsisThe remote host has an application installed that is affected by an arbitrary code execution vulnerability.
DescriptionThe version of Adobe Photoshop CC installed on the remote macOS or Mac OS X host is 17.x prior to 17.0.2 (2015.5.2) or 18.x prior to 18.1 (2017.1.0). It is, therefore, affected by an arbitrary code execution vulnerability due to a memory corruption issue that is triggered when handling PCX files. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted PCX file, to execute arbitrary code.
SolutionUpgrade to Adobe Photoshop CC version 17.0.2 (2015.5.2) / 18.1 (2017.1.0) or later.