Published: 29/08/2018 Updated: 08/09/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Adobe Photoshop CC 2018 prior to 19.1.6 and Photoshop CC 2017 prior to 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe photoshop_cc

Whoa, is it Patch Tuesday already? No, just an unexpected critical Photoshop fix

The Register • Richard Chirgwin • 23 Aug 2018

Memory corruption bugs lead to remote code execution

Adobe says there's a critical flaw in its Photoshop Creative Cloud software for Windows and macOS that can be exploited by malicious files to hijack systems. The unscheduled update fixes up critical memory corruption bugs discovered by Fortinet's Kushal Arvind Shah, both of which leave vulnerable systems open to remote code execution (RCE). Opening a specially crafted file in a vulnerable Photoshop version will trigger the execute of code smuggled into the images. The RCE is “in the context of...

CVE-2018-12810

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect