5 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file. Photoshop Elements versiones 2021 build 19.0 (20210304.m.156367) (y anteriores), están afectadas por una vulnerabilidad de escritura fuera de límites que podría resultar en una ejecución de código arbitrario en el contexto del usuario actual. Es requerida una interacción del usuario para explotar este problema, ya que la víctima debe abrir un archivo TTF malicioso • https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html • CWE-787: Out-of-bounds Write •

CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0

Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction. Adobe Photoshop Elements versiones 5.2 (y anteriores) está afectada por una vulnerabilidad de creación de archivos temporales no seguros. Un atacante no autenticado podría aprovechar esta vulnerabilidad para llamar a funciones contra el instalador para llevar a cabo acciones con altos privilegios. • https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 9.3EPSS: 4%CPEs: 3EXPL: 3

Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296. Múltiples desbordamientos de búfer en Adobe Photoshop Elements v8.0 y anteriores permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de un fichero modificado (1) .grd o (2) .abr archivo, un tema relacionado con CVE-2010-1296. Adobe Photoshop Elements 8 suffers from a buffer overflow vulnerability when dealing with .ABR (brushes) and .GRD (gradients) format files. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code on the affected system or denial of service scenario. • https://www.exploit-db.com/exploits/17918 http://securityreason.com/securityalert/8410 http://www.adobe.com/support/security/advisories/apsa11-03.html http://www.exploit-db.com/exploits/17918 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4

Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command. Adobe Photoshop Elements v8.0 instala Adobe Active File Monitor V8 service con un descriptor de seguridad no seguro, que permite a usuarios locales (1) parar el servicio a través de comando stop, (2) ejecutar comandos de su elección como SYSTEM usando el comando config para modificar la variable binPaht, o (3) reiniciar el servicio a través del comando start. • https://www.exploit-db.com/exploits/9988 https://www.exploit-db.com/exploits/9807 http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html http://retrogod.altervista.org/9sg_adobe_pe_local.html http://secunia.com/advisories/36895 http://www.securityfocus.com/archive/1/506806/100/0/threaded http://www.securityfocus.com/bid/36542 http://www.securitytracker.com/id?1022963 http://www.vupen.com/english/advisories/2009/2798 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.3EPSS: 39%CPEs: 4EXPL: 1

Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. Un desbordamiento de búfer en Adobe Photoshop versiones CS2 y CS3, Photoshop Elements versión 5.0, Illustrator versión CS3 y GoLive versión 9, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo .PNG especialmente diseñado. • https://www.exploit-db.com/exploits/3812 http://osvdb.org/35465 http://osvdb.org/38063 http://secunia.com/advisories/25044 http://secunia.com/advisories/26846 http://secunia.com/advisories/26864 http://securitytracker.com/id?1018792 http://www.adobe.com/support/security/bulletins/apsb07-13.html http://www.adobe.com/support/security/bulletins/apsb07-16.html http://www.adobe.com/support/security/bulletins/apsb07-17.html http://www.securityfocus.com/bid/23698 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •