Denial of Service in Adobe Photoshop

vendor:

Adobe Photoshop

by:

Unknown

5.5

CVSS

MEDIUM

Denial of Service

CWE

Product Name: Adobe Photoshop

Affected Version From: Adobe Photoshop 8.0

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE: a:adobe:photoshop:8.0

Metasploit:

Other Scripts:

Platforms Tested:

2003

Denial of Service in Adobe Photoshop

Adobe Photoshop is prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a script that attempts to create a COM object and enticing a user to execute the script in their browser. When the user executes the script via Internet Explorer, the Internet Explorer window hangs leading to a denial of service in the browser.

Mitigation:

No specific mitigation or remediation steps provided.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10061/info

It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a script that attempts to create a COM object and enticing a user to execute the script in their browser. When the user executes the script via Internet Explorer, the Internet Explorer window hangs leading to a denial of service in the browser.

Adobe Photoshop 8.0 is reported to be prone to this issue, however, it is possible that other versions are affected as well. 

<script language=vbscript>
Dim cooler
Set cooler = CreateObject("Photoshop.Application.8" )
</script>

<script language=vbscript>
dim cooler
Set cooler = CreateObject("Photoshop.PhotoCDOpenOptions.8" )
</script>