CVE-2012-0275

2012-09-0411:04:48

CWE-119

flexera

web.nvd.nist.gov

adobe photoshop

cve-2012-0275

buffer overflow

remote code execution

tiff image

sgi24loglum compression

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.106

Percentile

95.1%

JSON

Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression.

Affected configurations

Nvd

Node

adobephotoshop_cs5.5Match12.0.1

adobephotoshop_cs5.5Match12.0.2

adobephotoshop_cs5.5Match12.0.3

adobephotoshop_cs5.5Match12.0.4

adobephotoshop_cs5.5Match12.1

adobephotoshop_cs6Match13.0

VendorProductVersionCPE
adobephotoshop_cs5.512.0.1cpe:2.3:a:adobe:photoshop_cs5.5:12.0.1:*:*:*:*:*:*:*
adobephotoshop_cs5.512.0.2cpe:2.3:a:adobe:photoshop_cs5.5:12.0.2:*:*:*:*:*:*:*
adobephotoshop_cs5.512.0.3cpe:2.3:a:adobe:photoshop_cs5.5:12.0.3:*:*:*:*:*:*:*
adobephotoshop_cs5.512.0.4cpe:2.3:a:adobe:photoshop_cs5.5:12.0.4:*:*:*:*:*:*:*
adobephotoshop_cs5.512.1cpe:2.3:a:adobe:photoshop_cs5.5:12.1:*:*:*:*:*:*:*
adobephotoshop_cs613.0cpe:2.3:a:adobe:photoshop_cs6:13.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	photoshop_cs5.5	12.0.1	cpe:2.3:a:adobe:photoshop_cs5.5:12.0.1:::::::*
adobe	photoshop_cs5.5	12.0.2	cpe:2.3:a:adobe:photoshop_cs5.5:12.0.2:::::::*
adobe	photoshop_cs5.5	12.0.3	cpe:2.3:a:adobe:photoshop_cs5.5:12.0.3:::::::*
adobe	photoshop_cs5.5	12.0.4	cpe:2.3:a:adobe:photoshop_cs5.5:12.0.4:::::::*
adobe	photoshop_cs5.5	12.1	cpe:2.3:a:adobe:photoshop_cs5.5:12.1:::::::*
adobe	photoshop_cs6	13.0	cpe:2.3:a:adobe:photoshop_cs6:13.0:::::::*