COSIG-2016-10

#####################################################################################

# Application: Adobe Photoshop CC & Bridge CC
# Platforms: Windows
# Versions: Bridge CC 6.1.1 and earlier versions, Photoshop CC 16.1.1 (2015.1.1) and earlier versions
# Author: Francis Provencher of COSIG
# Website: https://cosig.gouv.qc.ca/en/advisory/
# Twitter: @COSIG_
# Date: February 09, 2016
# CVE: CVE-2016-0953
# COSIG-2016-10

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

Adobe Photoshop is a raster graphics editor developed and published by Adobe Systems for Windows and OS X.

(https://en.wikipedia.org/wiki/Adobe_Photoshop)

#####################################################################################

============================
2) Report Timeline
============================

2015-11-11: Francis Provencher of COSIG reports the issue to Adobe PSIRT;
2016-02-09: Adobe releases a patch (APSB16-03);
2016-02-09: COSIG releases this advisory;

#####################################################################################

============================
3) Technical details
============================

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
Photoshop CC & Bridge CC. User interaction is required to exploit this vulnerability in that the target
must open a malicious file. By providing a malformed IFF file, an attacker can cause a heap memory corruption.
An attacker could leverage this to execute arbitrary code under the context of the application.

#####################################################################################

===========
4) POC
===========

COSIG-2016-10

######################################################################################