Advisory #228 - GIMP, Photoshop / Paint Shop Pro, Multiple News
|
View:
New views
1 Messages
—
Rating Filter:
Alert me
|
 |
Advisory #228 - GIMP, Photoshop / Paint Shop Pro, Multiple News
by Sunnet Beskerming Alert mailing list
::
Rate this Message:
Sûnnet Beskerming Alert List Advisory #228
You are receiving this message because you have subscribed to our Information Security Alert Mailing List, or have been selected for a specific one-off copy. If you believe that you are receiving this message in error, please contact info@... to resolve the error. Why not upgrade to get same day notification on security threats? Details and rates available online - (http://www.beskerming.com/premium/generic_advisory.html). Why not go the next step and get delivery tailored just for your company? (http://www.beskerming.com/premium/focussed_advisory.html) Contents -------------------------------------------------------------------- 1. SECURITY -------------------------------------------------------------------- 1.1 GIMP - Remote Hacker Manual Control - Time Since Discovery - 1 Day 1.2 Photoshop / Paint Shop Pro - Remote Hacker Manual Control - Time Since Discovery - 1 Day ======================================= /* - Remote or Local - Can it be achieved through a network or does it require physical access? - Hacker - The bad guy - Manual or Automatic - Does the vulnerability need to be manually performed, or can it be automated? - Control, Denial of Service or Data Theft - Will the hacker get control of your system / website, will they prevent you from using it, or will they steal data. */ -------------------------------------------------------------------- 2. NEWS -------------------------------------------------------------------- 2.1 Google Upset Spooks Users 2.2 Achieving Security Still Difficult ===================================== 1. SECURITY 1.1 GIMP - Remote Hacker Manual Control -- Products Affected -- GIMP 2.2.14 (other versions may also be vulnerable). -- Technical Description -- The SUNRAS plugin which allows GIMP to interact with .ras files is vulnerable to a buffer overflow, which can allow for arbitrary code execution by an attacker, provided that the victim can be convinced to open a malicious .ras file. -- Description -- GIMP (Gnu Image Manipulation Program) has been discovered to be vulnerable to an memory problem when handling .ras files which can allow an attacker to take control of a vulnerable system provided that a victim can be convinced to interact with a malicious file. Specifically, the plugin which handles the processing of that filetype is vulnerable to attack. -- Recommended Action -- Avoid .ras files from untrusted sources until the GIMP developers are able to release a patch to address this issue. -- Source -- (Paid subscription required to access) -- Updates Available -- (Paid subscription required to access) -- External Tracking Data -- (Paid subscription required to access) -- Threat Matrix -- U O Home User 6 6 (High) Corporate 6 6 (High) 1.2 PhotoShop / Paint Shop Pro - Remote Hacker Manual Control -- Products Affected -- Adobe Photoshop CS2, CS3 Adobe Photoshop Elements 5.0 Paint Shop Pro 11.20 (Corel) -- Technical Description -- Another arbitrary code execution buffer overflow vulnerability has been found with Photoshop and Paint Shop Pro, this time affecting .png files. Exploit code has also been released, and it is interesting to note that the same exploit is claimed to work against both Photoshop and Paint Shop applications. -- Description -- Adobe Photoshop and Corel's Paint Shop Pro have been discovered to be vulnerable to an memory problem when handling .png files which can allow an attacker to take control of a vulnerable system provided that a victim can be convinced to interact with a malicious file. -- Recommended Action -- Avoid .png files from untrusted sources until Adobe and Corel are able to release a patch to address this issue. -- Source -- (Paid subscription required to access) -- Updates Available -- (Paid subscription required to access) -- External Tracking Data -- (Paid subscription required to access) -- Threat Matrix -- U O Home User 6 6 (High) Corporate 6 6 (High) ======================================= /* Threat Matrix: U - User O - Operator Harmless - 0 ----- 10 - Highly Critical */ ======================================= 2. NEWS 2.1 Google Upset Spooks Users As one of the leading companies that is pushing the concept of online services to replace offline applications and data storage, any loss of data by Google is likely to draw attention. Registered users who have been using the Personalised Homepage feature of Google recently logged in to find that their settings had been erased, or reset to several-month old settings. A Google spokesperson has indicated that users may not be able to retrieve their previous settings, and any effort to change the way things are set up, could lead to greater problems once Google is able to get things working. The loss of data has spooked many who use various Google services, such GMail, and who are now looking at ways to backup the information that they have trusted to Google (hint: POP forwarding is a good idea for GMail). 2.2 Achieving Security Still Difficult Two recently publicised incidents serve as a reminder that achieving a secure presence is still a very difficult objective. In the United Kingdom, a site that was meant to provide medical students and junior doctors with the ability to register for potential positions gave users more than they expected, when they "found their personal details, names, addresses, and even sexual orientation and criminal records were revealed". Claims that the site was not publicly available have been refuted by a medical organisation, which counter-claims that they originally warned the Department last month. Security measures for the proposed electronic database of all UK health records are now of greater concern, even though the Department has assured voters that the database will be secure. Despite being several seasons into its run, the Australian version of Big Brother has had its share of technical and security-related failures. The most recent security failure has been the official website for the show (despite unofficial websites sometimes leading users to malicious sites, as they are not officially affiliated, they are not a primary concern), where users had various sensitive details left unprotected by the site. Names and telephone numbers appear to be the primary data exposed, with some users stating that all data that had been entered could be viewed, but it comes on the tail of credit card collection sections of the site not using encryption (as recently as last week). Adding insult to injury, it appears that there has been an overflow of signed up members, with new subscribers claiming that once they have logged in, the site identifies them as another user. The security failures have led to the site organisers placing a message up on the site, directing site visitors not to create any new accounts, or log in to their existing accounts, until they can address their security issues. ======================================= Sincerely, Sûnnet Beskerming Team info@... Sûnnet Beskerming Pty. Ltd. Adelaide, Australia http://www.beskerming.com Tel: +61 (0) 410 707 444 ** Sûnnet Beskerming Pty. Ltd. ** Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and commercialise the research coming out of Jongsma & Jongsma Pty. Ltd.. Sûnnet Beskerming Pty. Ltd. is an Information Security specialist and, in conjunction with the tools developed by Jongsma & Jongsma Pty. Ltd., provides total security solutions and services, from the perimeter to internal data stores, including web application security and security testing and analysis. _______________________________________________ Alertmailinglist mailing list Alertmailinglist@... http://skiifwrald.com/mailman/listinfo/alertmailinglist_skiifwrald.com |
| Free Forum Powered by Nabble | Forum Help |