KLA10030
ACE vulnerabilities in Adobe Photoshop
Updated: 06/01/2019
Detect date
?
05/08/2012
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Photoshop. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities

  1. Use-after-free vulnerability can be exploited via specially designed TIFF image.
  2. Buffer overflow vulnerability can be exploited via unknown vectors.
  3. Stack-based buffer overflow vulnerability can be exploited via a long Collada asset element in a DAE file.
  4. Heap-based buffer overflow vulnerability can be exploited via a specially designed TIFF image with SGI24LogLum compression.
Affected products

Adobe Photoshop CS5.1 versions 12.1 and earlier for Windows and Mac OS

Solution

Update to latest version
Photoshop

Original advisories

Adobe bulletin

Impacts
?
ACE 
[?]
Related products
Adobe Photoshop
CVE-IDS
?
CVE-2012-20289.3Critical
CVE-2012-20529.3Critical
CVE-2012-027510.0Critical
CVE-2012-20279.3Critical