Kaspersky Threats

KLA10030
ACE vulnerabilities in Adobe Photoshop

Updated: 06/01/2019

Detect date ?	05/08/2012
Severity ?	Critical
Description	Multiple serious vulnerabilities have been found in Adobe Photoshop. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities Use-after-free vulnerability can be exploited via specially designed TIFF image. Buffer overflow vulnerability can be exploited via unknown vectors. Stack-based buffer overflow vulnerability can be exploited via a long Collada asset element in a DAE file. Heap-based buffer overflow vulnerability can be exploited via a specially designed TIFF image with SGI24LogLum compression.
Affected products	Adobe Photoshop CS5.1 versions 12.1 and earlier for Windows and Mac OS
Solution	Update to latest version Photoshop
Original advisories	Adobe bulletin
Impacts ?	ACE [?]
Related products	Adobe Photoshop
CVE-IDS ?	CVE-2012-20289.3Critical CVE-2012-20529.3Critical CVE-2012-027510.0Critical CVE-2012-20279.3Critical