
Advisory #228 - GIMP, Photoshop / Paint Shop Pro, Multiple News

by Sunnet Beskerming Alert mailing list

Sûnnet Beskerming Alert List Advisory #228

You are receiving this message because you have subscribed to our  
Information Security Alert Mailing List, or have been selected for a  
specific one-off copy.  If you believe that you are receiving this  
message in error, please contact info@... to resolve the  
error.

Why not upgrade to get same day notification on security threats?  
Details and rates available online -
(http://www.beskerming.com/premium/generic_advisory.html).

Why not go the next step and get delivery tailored just for your  
company?
(http://www.beskerming.com/premium/focussed_advisory.html)


Contents
--------------------------------------------------------------------
1. SECURITY
--------------------------------------------------------------------
1.1 GIMP
        - Remote Hacker Manual Control
        - Time Since Discovery - 1 Day
1.2 Photoshop / Paint Shop Pro
        - Remote Hacker Manual Control
        - Time Since Discovery - 1 Day
=======================================
/*
        - Remote or Local - Can it be achieved through a network or does it  
require physical access?
        - Hacker - The bad guy
        - Manual or Automatic  - Does the vulnerability need to be manually  
performed, or can it be automated?
        - Control, Denial of Service or Data Theft - Will the hacker get  
control of your system / website, will they prevent you from using  
it, or will they steal data.
*/
--------------------------------------------------------------------
2.    NEWS
--------------------------------------------------------------------
2.1 Google Upset Spooks Users
2.2 Achieving Security Still Difficult
=====================================

1. SECURITY

1.1 GIMP - Remote Hacker Manual Control

        -- Products Affected --
        GIMP 2.2.14 (other versions may also be vulnerable).

        -- Technical Description --
        The SUNRAS plugin which allows GIMP to interact with .ras files is  
vulnerable to a buffer overflow, which can allow for arbitrary code  
execution by an attacker, provided that the victim can be convinced  
to open a malicious .ras file.

        -- Description --
        GIMP (GNU Image Manipulation Program) has been discovered to be
vulnerable to a memory problem when handling .ras files, which can
allow an attacker to take control of a vulnerable system provided
that a victim can be convinced to interact with a malicious file.
Specifically, the plugin which handles the processing of that
filetype is vulnerable to attack.

        -- Recommended Action --
        Avoid .ras files from untrusted sources until the GIMP developers  
are able to release a patch to address this issue.

        -- Source --
        (Paid subscription required to access)

        -- Updates Available --
        (Paid subscription required to access)

        -- External Tracking Data --
        (Paid subscription required to access)

        -- Threat Matrix --
                        U  O
        Home User       6  6  (High)
        Corporate       6  6  (High)



1.2 Photoshop / Paint Shop Pro - Remote Hacker Manual Control

        -- Products Affected --
        Adobe Photoshop CS2, CS3
        Adobe Photoshop Elements 5.0
        Paint Shop Pro 11.20 (Corel)

        -- Technical Description --
        Another arbitrary code execution buffer overflow vulnerability has  
been found with Photoshop and Paint Shop Pro, this time  
affecting .png files.  Exploit code has also been released, and it is  
interesting to note that the same exploit is claimed to work against  
both Photoshop and Paint Shop applications.

        -- Description --
        Adobe Photoshop and Corel's Paint Shop Pro have been discovered to
be vulnerable to a memory problem when handling .png files, which can
allow an attacker to take control of a vulnerable system provided
that a victim can be convinced to interact with a malicious file.

        -- Recommended Action --
        Avoid .png files from untrusted sources until Adobe and Corel are  
able to release a patch to address this issue.

        -- Source --
        (Paid subscription required to access)

        -- Updates Available --
        (Paid subscription required to access)

        -- External Tracking Data --
        (Paid subscription required to access)

        -- Threat Matrix --
                        U  O
        Home User       6  6  (High)
        Corporate       6  6  (High)

=======================================
/*
Threat Matrix:
        U - User
        O - Operator
        Harmless - 0 ----- 10 - Highly Critical
*/
=======================================

2. NEWS

2.1 Google Upset Spooks Users

As Google is one of the leading companies pushing the concept of
online services to replace offline applications and data storage, any
loss of data by Google is likely to draw attention.  Registered users
who have been using the Personalised Homepage feature of Google
recently logged in to find that their settings had been erased, or
reset to several-month-old settings.

A Google spokesperson has indicated that users may not be able to
retrieve their previous settings, and that any effort to change the
way things are set up could lead to greater problems once Google is
able to get things working.  The loss of data has spooked many who use
various Google services, such as GMail, and who are now looking at
ways to back up the information that they have trusted to Google
(hint: POP forwarding is a good idea for GMail).


2.2 Achieving Security Still Difficult

Two recently publicised incidents serve as a reminder that achieving  
a secure presence is still a very difficult objective.

In the United Kingdom, a site that was meant to provide medical  
students and junior doctors with the ability to register for  
potential positions gave users more than they expected, when they  
"found their personal details, names, addresses, and even sexual  
orientation and criminal records were revealed".  Claims that the  
site was not publicly available have been refuted by a medical  
organisation, which counter-claims that they originally warned the  
Department last month.

Security measures for the proposed electronic database of all UK  
health records are now of greater concern, even though the Department  
has assured voters that the database will be secure.

Despite being several seasons into its run, the Australian version of
Big Brother has had its share of technical and security-related
failures.  The most recent security failure involves the official
website for the show, where users had various sensitive details left
unprotected by the site.  (Unofficial websites sometimes lead users to
malicious sites but, as they are not officially affiliated, they are
not a primary concern.)

Names and telephone numbers appear to be the primary data exposed,  
with some users stating that all data that had been entered could be  
viewed, but it comes on the tail of credit card collection sections  
of the site not using encryption (as recently as last week).  Adding  
insult to injury, it appears that there has been an overflow of  
signed up members, with new subscribers claiming that once they have  
logged in, the site identifies them as another user.

The security failures have led to the site organisers placing a  
message up on the site, directing site visitors not to create any new  
accounts, or log in to their existing accounts, until they can  
address their security issues.

=======================================

Sincerely,

Sûnnet Beskerming Team
info@...
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com
Tel: +61 (0) 410 707 444

** Sûnnet Beskerming Pty. Ltd. **

Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister  
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and  
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd..  
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist  
and, in conjunction with the tools developed by Jongsma & Jongsma  
Pty. Ltd., provides total security solutions and services, from the  
perimeter to internal data stores, including web application security  
and security testing and analysis.
_______________________________________________
Alertmailinglist mailing list
Alertmailinglist@...
http://skiifwrald.com/mailman/listinfo/alertmailinglist_skiifwrald.com
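
Added example, not part of the advisory and not GIMP code: a pre-open triage check supporting item 1.1's advice to avoid untrusted .ras files, rejecting files whose header is internally inconsistent before any decoder reads them. The field layout is the Sun rasterfile header (brought in here as an assumption, since the advisory does not describe the format or say which field the SUNRAS plugin mishandles); MAX_DIM, the colour-map policy and all function names are hypothetical.

```c
/* Added example: header triage for Sun raster (.ras) files; decodes no pixels. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RAS_MAGIC   0x59a66a95u  /* Sun rasterfile magic number */
#define RAS_HDR_LEN 32u          /* eight big-endian 32-bit fields */
#define MAX_DIM     16384u       /* assumed local policy cap, not from the format */

enum ras_verdict { RAS_OK, RAS_TRUNCATED, RAS_BAD_MAGIC, RAS_BAD_DIMS,
                   RAS_BAD_DEPTH, RAS_BAD_COLORMAP, RAS_BAD_LENGTH };

static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void put32(unsigned char *p, uint32_t v) {
    p[0] = (unsigned char)(v >> 24); p[1] = (unsigned char)(v >> 16);
    p[2] = (unsigned char)(v >> 8);  p[3] = (unsigned char)v;
}

/* Check the header of buf[0..len) for consistency before any decoder sees it. */
enum ras_verdict ras_triage(const unsigned char *buf, size_t len) {
    if (len < RAS_HDR_LEN) return RAS_TRUNCATED;
    if (be32(buf) != RAS_MAGIC) return RAS_BAD_MAGIC;
    uint32_t w = be32(buf + 4), h = be32(buf + 8), depth = be32(buf + 12);
    uint32_t type = be32(buf + 20), maptype = be32(buf + 24), maplen = be32(buf + 28);
    if (w == 0 || h == 0 || w > MAX_DIM || h > MAX_DIM) return RAS_BAD_DIMS;
    if (depth != 1 && depth != 8 && depth != 24 && depth != 32) return RAS_BAD_DEPTH;
    /* Policy: no map (type 0, length 0) or an RGB map of 3 planes, max 256 entries each. */
    if (maptype == 0 ? maplen != 0 : (maptype != 1 || maplen % 3 != 0 || maplen > 768))
        return RAS_BAD_COLORMAP;
    uint64_t avail = (uint64_t)len - RAS_HDR_LEN;
    if (maplen > avail) return RAS_BAD_LENGTH;   /* colour map runs past end of file */
    avail -= maplen;
    if (type != 2) {  /* not run-length encoded: rows are padded to 16 bits */
        uint64_t row = (((uint64_t)w * depth + 15) / 16) * 2;
        if (row * h > avail) return RAS_BAD_LENGTH;
    }
    return RAS_OK;
}

/* Build a constructed, zero-filled sample of total_len bytes and triage it. */
enum ras_verdict ras_sample(uint32_t w, uint32_t h, uint32_t depth, uint32_t type,
                            uint32_t maptype, uint32_t maplen, size_t total_len) {
    static unsigned char buf[4096];
    uint32_t f[8] = { RAS_MAGIC, w, h, depth, 0, type, maptype, maplen };
    if (total_len > sizeof buf) total_len = sizeof buf;
    memset(buf, 0, sizeof buf);
    for (int i = 0; i < 8; i++) put32(buf + 4 * i, f[i]);
    return ras_triage(buf, total_len);
}
```

A file that passes this check is only well-formed at the header level; it is a filter in front of the image editor, not a substitute for the vendor patch.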
