CVSS: 9.3EPSS: 91%CPEs: 4EXPL: 1CVE-2011-2131 – Adobe Photoshop CS5 - '.gif' Remote Code Execution
https://notcve.org/view.php?id=CVE-2011-2131
Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file. Adobe Photoshop v12.0 en Creative Suite 5 (CS5) y v12.1 en Creative Suite v5.1 (CS5.1) permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo GIF creado. • https://www.exploit-db.com/exploits/17712 http://securityreason.com/securityalert/8347 http://www.adobe.com/support/security/bulletins/apsb11-22.html http://www.us-cert.gov/cas/techalerts/TA11-222A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2011-2164
https://notcve.org/view.php?id=CVE-2011-2164
Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en Adobe Photoshop antes de v12.0.4 tienen un impacto y vectores de ataque desconocidos. • http://blogs.adobe.com/jnack/2011/05/photoshop-12-0-4-update-for-cs5-arrives.html http://secunia.com/advisories/44419 http://securitytracker.com/id?1025483 http://www.adobe.com/support/downloads/detail.jsp?ftpID=4973 http://www.vupen.com/english/advisories/2011/1169 •
CVSS: 9.3EPSS: 2%CPEs: 6EXPL: 2CVE-2010-3127 – Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3127
Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ruta de búsqueda no confiable en Adobe PhotoShop CS2 hasta CS5 permite a usuarios locales, y puede que atacantes remotos, ejecutar código de su elección y producir un ataque de secuestro de DLL, a través de un troyano dwmapi.dll o Wintab32.dll que está ubicado en la misma carpeta que un fichero as a PSD u otro fichero que sea procesado por PhotoShop. NOTA: Algunos de estos detalles han sido obtenidos de fuentes de terceros. • https://www.exploit-db.com/exploits/14741 http://blog.zoller.lu/2010/08/cve-2010-xn-loadlibrarygetprocaddress.html http://secunia.com/advisories/41060 http://www.exploit-db.com/exploits/14741 http://www.vupen.com/english/advisories/2010/2170 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6778 •
CVSS: 9.3EPSS: 15%CPEs: 2EXPL: 13CVE-2010-1296 – Adobe Photoshop CS4 Extended 11.0 - '.ASL' File Handling Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2010-1296
Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file. Múltiples desbordamiento de búfer en Adobe Photoshop CS4 anterior a v11.0.2 permite a atacantes asistidos por el usuario ejecutar código de su elección a través de un fichero manipulado (1) .ASL, (2) .ABR, o (3) .GRD Adobe Photoshop CS4 Extended suffers from a buffer overflow vulnerability when dealing with .GRD (gradients) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service. Version CS4 Extended 11.0.0.0 is affected. • https://www.exploit-db.com/exploits/12753 https://www.exploit-db.com/exploits/12751 https://www.exploit-db.com/exploits/12752 http://www.adobe.com/support/security/bulletins/apsb10-13.html http://www.exploit-db.com/exploits/12751 http://www.exploit-db.com/exploits/12752 http://www.exploit-db.com/exploits/12753 http://www.securityfocus.com/bid/40389 http://www.securitytracker.com/id?1024042 http://www.zeroscience.mk/codes/psbrush_bof.txt http://www.zeroscience.mk&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2010-1279
https://notcve.org/view.php?id=CVE-2010-1279
Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted remote attackers to execute arbitrary code via a crafted TIFF file. Múltiples vulnerabilidades sin especificar en Adobe Photoshop CS4 v11.x anterior a v11.0.1 permiten a atacantes remotos ejecutar código de su elección a través de archivos TIFF manipulados. • http://secunia.com/advisories/39711 http://www.adobe.com/support/security/bulletins/apsb10-10.html http://www.securityfocus.com/bid/39849 http://www.vupen.com/english/advisories/2010/1049 • CWE-94: Improper Control of Generation of Code ('Code Injection') •