Published: 29/08/2018 Updated: 26/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Adobe Photoshop CC 2018 prior to 19.1.6 and Photoshop CC 2017 prior to 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe photoshop_cc

Recent Articles

Whoa, is it Patch Tuesday already? No, just an unexpected critical Photoshop fix
The Register • Richard Chirgwin • 23 Aug 2018

Memory corruption bugs lead to remote code execution

Adobe says there's a critical flaw in its Photoshop Creative Cloud software for Windows and macOS that can be exploited by malicious files to hijack systems.
The unscheduled update fixes up critical memory corruption bugs discovered by Fortinet's Kushal Arvind Shah, both of which leave vulnerable systems open to remote code execution (RCE).
Opening a specially crafted file in a vulnerable Photoshop version will trigger the execute of code smuggled into the images. The RCE is “in th...