Accessibility

Security advisory

Potential vulnerability in Photoshop Album Starter Edition 3.2

Release date: April 21, 2008

Last updated: July 17, 2009

Vulnerability identifier: APSA08-04

CVE number: CVE-2008-1765

Platform: Windows

Affected Software: Photoshop Album Starter Edition 3.2

Summary

Adobe is aware of a recently published security issue in Adobe Photoshop Album Starter Edition 3.2 that could potentially cause code execution. An attacker would need to convince a user to open a malicious BMP file to successfully exploit the issue. This issue does not affect Photoshop or Photoshop Elements users who have already applied the updates described in Security Bulletin APSB07-13.

Details

NOTE: As of June 30, 2009, Adobe is discontinuing the Photoshop Album Starter Edition product and ongoing technical support for Photoshop Album Starter Edition. No further updates to the product will be made available.

An attacker would need to convince a user to open a malicious BMP file in Photoshop Album Starter Edition to successfully exploit the issue. Adobe recommends that customers exercise caution when receiving unsolicited or suspicious BMP files. This issue does not affect Photoshop or Photoshop Elements users who have already applied the updates described in Security Bulletin APSB07-13.

Severity Rating

Adobe categorizes this as a critical issue and recommends that Photoshop Album Starter Edition 3.2 customers exercise caution when receiving unsolicited or suspicious BMP files.

Revisions

July 17, 2009 - Advisory updated with information on Photoshop Album Starter Edition being discontinued
April 21, 2008 - Advisory first created