CVE-2007-2244 – Adobe Photoshop CS2 / CS3 - '.bmp' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2244
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file. Múltiples desbordamientos de búfer en Adobe Photoshop versiones CS2 y CS3, Illustrator versión CS3 y GoLive versión 9, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo (1) BMP, (2) DIB o (3) RLE especialmente diseñados. • https://www.exploit-db.com/exploits/3793 http://osvdb.org/38064 http://osvdb.org/38065 http://osvdb.org/38066 http://secunia.com/advisories/25023 http://secunia.com/advisories/26846 http://secunia.com/advisories/26864 http://securitytracker.com/id?1018792 http://www.adobe.com/support/security/bulletins/apsb07-13.html http://www.adobe.com/support/security/bulletins/apsb07-16.html http://www.adobe.com/support/security/bulletins/apsb07-17.html http://www.osvdb.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-0525
https://notcve.org/view.php?id=CVE-2006-0525
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. • http://secunia.com/advisories/18698 http://securitytracker.com/id?1015577 http://securitytracker.com/id?1015578 http://securitytracker.com/id?1015579 http://www.adobe.com/support/techdocs/332644.html http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf http://www.kb.cert.org/vuls/id/953860 http://www.osvdb.org/22908 http://www.securityfocus.com/archive/1/423587/100/0/threaded http://www.securityfocus.com/bid/16451 http://www.vupen.com/english/advisories/2006/ • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2005-0151
https://notcve.org/view.php?id=CVE-2005-0151
Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. • http://securitytracker.com/id?1014168 http://securitytracker.com/id?1014169 http://securitytracker.com/id?1014170 http://www.adobe.com/support/techdocs/331688.html •