CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-44334 – Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability VI.
https://notcve.org/view.php?id=CVE-2023-44334
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 24.7.1 (y anteriores) y 25.0 (y anteriores) de Adobe Photoshop se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/photoshop/apsb23-56.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-44330 – Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability III.
https://notcve.org/view.php?id=CVE-2023-44330
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 24.7.1 (y anteriores) y 25.0 (y anteriores) de Adobe Photoshop se ven afectadas por una vulnerabilidad de lectura fuera de los límites al analizar un archivo manipulado, lo que podría dar como resultado una lectura más allá del final de una estructura de memoria asignada. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. • https://helpx.adobe.com/security/products/photoshop/apsb23-56.html • CWE-787: Out-of-bounds Write •
CVSS: 4.6EPSS: 0%CPEs: 60EXPL: 0CVE-2006-0525
https://notcve.org/view.php?id=CVE-2006-0525
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. • http://secunia.com/advisories/18698 http://securitytracker.com/id?1015577 http://securitytracker.com/id?1015578 http://securitytracker.com/id?1015579 http://www.adobe.com/support/techdocs/332644.html http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf http://www.kb.cert.org/vuls/id/953860 http://www.osvdb.org/22908 http://www.securityfocus.com/archive/1/423587/100/0/threaded http://www.securityfocus.com/bid/16451 http://www.vupen.com/english/advisories/2006/ • CWE-264: Permissions, Privileges, and Access Controls •