All the vulnerabilites related to adobe - photoshop_elements
Vulnerability from fkie_nvd
Published
2011-10-04 20:55
Modified
2024-11-21 01:28
Severity ?
Summary
Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | photoshop_elements | * | |
| adobe | photoshop_elements | 5.0 | |
| adobe | photoshop_elements | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F730F2F-11E8-4D83-B499-AF85BB342DC7",
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24536F06-47B2-4370-9959-2AA63D244A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C536D48-0288-4F1C-9385-E6BC5908FBB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Adobe Photoshop Elements v8.0 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero modificado (1) .grd o (2) .abr archivo, un tema relacionado con CVE-2010-1296."
}
],
"id": "CVE-2011-2443",
"lastModified": "2024-11-21T01:28:17.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-04T20:55:01.427",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://securityreason.com/securityalert/8410"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/advisories/apsa11-03.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17918/"
},
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/advisories/apsa11-03.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17918/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-28 15:15
Modified
2024-11-21 05:59
Severity ?
Summary
Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C236C25-B21C-46DA-824F-4CA8D9FB49FD",
"versionEndExcluding": "5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction."
},
{
"lang": "es",
"value": "Adobe Photoshop Elements versiones 5.2 (y anteriores) est\u00e1 afectada por una vulnerabilidad de creaci\u00f3n de archivos temporales no seguros. Un atacante no autenticado podr\u00eda aprovechar esta vulnerabilidad para llamar a funciones contra el instalador para llevar a cabo acciones con altos privilegios. Una explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario"
}
],
"id": "CVE-2021-28597",
"lastModified": "2024-11-21T05:59:55.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "psirt@adobe.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-28T15:15:23.683",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-379"
}
],
"source": "psirt@adobe.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-30 22:19
Modified
2024-11-21 00:30
Severity ?
Summary
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | golive | 9 | |
| adobe | illustrator | cs3 | |
| adobe | photoshop | 9.0.2 | |
| adobe | photoshop_elements | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:golive:9:*:*:*:*:*:*:*",
"matchCriteriaId": "82CE10E2-ACEA-4D7C-A3FC-056D0BA56ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:illustrator:cs3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2544447-313B-42DD-831B-E1AED3B6086F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:photoshop:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1D2452-C141-4A9E-ACA9-61A44FB63302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24536F06-47B2-4370-9959-2AA63D244A72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en Adobe Photoshop versiones CS2 y CS3, Photoshop Elements versi\u00f3n 5.0, Illustrator versi\u00f3n CS3 y GoLive versi\u00f3n 9, permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de un archivo .PNG especialmente dise\u00f1ado."
}
],
"id": "CVE-2007-2365",
"lastModified": "2024-11-21T00:30:36.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-04-30T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35465"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38063"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25044"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26846"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26864"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018792"
},
{
"source": "cve@mitre.org",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-13.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-16.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-17.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23698"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1577"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3442"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3443"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33956"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/3812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-13.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/3812"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-27 16:15
Modified
2024-11-21 06:20
Severity ?
Summary
Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | photoshop_elements | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61D51802-4434-4273-B41D-7DAA68069013",
"versionEndIncluding": "2021.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file."
},
{
"lang": "es",
"value": "Photoshop Elements versiones 2021 build 19.0 (20210304.m.156367) (y anteriores), est\u00e1n afectadas por una vulnerabilidad de escritura fuera de l\u00edmites que podr\u00eda resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Es requerida una interacci\u00f3n del usuario para explotar este problema, ya que la v\u00edctima debe abrir un archivo TTF malicioso"
}
],
"id": "CVE-2021-39825",
"lastModified": "2024-11-21T06:20:19.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@adobe.com",
"type": "Secondary"
}
]
},
"published": "2021-09-27T16:15:10.073",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@adobe.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-30 15:30
Modified
2024-11-21 01:07
Severity ?
Summary
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | photoshop_elements | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:photoshop_elements:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "218766FE-4F82-4704-BA6A-C0CF1D148DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command."
},
{
"lang": "es",
"value": "Adobe Photoshop Elements v8.0 instala Adobe Active File Monitor V8 service con un descriptor de seguridad no seguro, que permite a usuarios locales (1) parar el servicio a trav\u00e9s de comando stop, (2) ejecutar comandos de su elecci\u00f3n como SYSTEM usando el comando config para modificar la variable binPaht, o (3) reiniciar el servicio a trav\u00e9s del comando start."
}
],
"id": "CVE-2009-3489",
"lastModified": "2024-11-21T01:07:29.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2009-09-30T15:30:00.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit"
],
"url": "http://retrogod.altervista.org/9sg_adobe_pe_local.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/36895"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/506806/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/36542"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022963"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2009/2798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit"
],
"url": "http://retrogod.altervista.org/9sg_adobe_pe_local.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/36895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/506806/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/36542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2009/2798"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-28597
Vulnerability from cvelistv5
Published
2021-06-28 14:13
Modified
2024-09-17 01:26
Severity ?
EPSS score ?
Summary
Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Adobe | Photoshop Elements |
Version: unspecified < Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Photoshop Elements",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T14:13:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Photoshop Elements Privilege Escalation Vulnerability - symbolic link",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-06-08T23:00:00.000Z",
"ID": "CVE-2021-28597",
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Elements Privilege Escalation Vulnerability - symbolic link"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop Elements",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "5.2"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 6.2,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28597",
"datePublished": "2021-06-28T14:13:20.585279Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T01:26:48.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39825
Vulnerability from cvelistv5
Published
2021-09-27 15:43
Modified
2024-09-16 16:18
Severity ?
EPSS score ?
Summary
Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Adobe | Photoshop Elements |
Version: unspecified < Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Photoshop Elements",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.156367",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-27T15:43:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Photoshop Elements Edit 2021 TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39825",
"STATE": "PUBLIC",
"TITLE": "Adobe Photoshop Elements Edit 2021 TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Photoshop Elements",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.156367"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39825",
"datePublished": "2021-09-27T15:43:13.566962Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T16:18:53.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2365
Vulnerability from cvelistv5
Published
2007-04-30 22:00
Modified
2024-08-07 13:33
Severity ?
EPSS score ?
Summary
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38063",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38063"
},
{
"name": "1018792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018792"
},
{
"name": "35465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35465"
},
{
"name": "ADV-2007-3442",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3442"
},
{
"name": "adobe-pngfile-bo(33956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33956"
},
{
"name": "26864",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26864"
},
{
"name": "26846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26846"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-17.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-13.html"
},
{
"name": "ADV-2007-3443",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3443"
},
{
"name": "3812",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3812"
},
{
"name": "23698",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23698"
},
{
"name": "25044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25044"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-16.html"
},
{
"name": "ADV-2007-1577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1577"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38063",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38063"
},
{
"name": "1018792",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018792"
},
{
"name": "35465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35465"
},
{
"name": "ADV-2007-3442",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3442"
},
{
"name": "adobe-pngfile-bo(33956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33956"
},
{
"name": "26864",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26864"
},
{
"name": "26846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26846"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-17.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-13.html"
},
{
"name": "ADV-2007-3443",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3443"
},
{
"name": "3812",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3812"
},
{
"name": "23698",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23698"
},
{
"name": "25044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25044"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-16.html"
},
{
"name": "ADV-2007-1577",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1577"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38063",
"refsource": "OSVDB",
"url": "http://osvdb.org/38063"
},
{
"name": "1018792",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018792"
},
{
"name": "35465",
"refsource": "OSVDB",
"url": "http://osvdb.org/35465"
},
{
"name": "ADV-2007-3442",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3442"
},
{
"name": "adobe-pngfile-bo(33956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33956"
},
{
"name": "26864",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26864"
},
{
"name": "26846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26846"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-17.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-17.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-13.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-13.html"
},
{
"name": "ADV-2007-3443",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3443"
},
{
"name": "3812",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3812"
},
{
"name": "23698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23698"
},
{
"name": "25044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25044"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-16.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-16.html"
},
{
"name": "ADV-2007-1577",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1577"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2365",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3489
Vulnerability from cvelistv5
Published
2009-09-30 15:00
Modified
2024-08-07 06:31
Severity ?
EPSS score ?
Summary
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/36542 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/2798 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/506806/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html | x_refsource_MISC | |
| http://www.securitytracker.com/id?1022963 | vdb-entry, x_refsource_SECTRACK | |
| http://retrogod.altervista.org/9sg_adobe_pe_local.html | x_refsource_MISC | |
| http://secunia.com/advisories/36895 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36542",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36542"
},
{
"name": "ADV-2009-2798",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2798"
},
{
"name": "20090929 Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of Privileges",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/506806/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html"
},
{
"name": "1022963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022963"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/9sg_adobe_pe_local.html"
},
{
"name": "36895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36542",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36542"
},
{
"name": "ADV-2009-2798",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2798"
},
{
"name": "20090929 Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of Privileges",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/506806/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html"
},
{
"name": "1022963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022963"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/9sg_adobe_pe_local.html"
},
{
"name": "36895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36895"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36542",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36542"
},
{
"name": "ADV-2009-2798",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2798"
},
{
"name": "20090929 Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of Privileges",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506806/100/0/threaded"
},
{
"name": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html"
},
{
"name": "1022963",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022963"
},
{
"name": "http://retrogod.altervista.org/9sg_adobe_pe_local.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_adobe_pe_local.html"
},
{
"name": "36895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36895"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3489",
"datePublished": "2009-09-30T15:00:00",
"dateReserved": "2009-09-30T00:00:00",
"dateUpdated": "2024-08-07T06:31:10.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2443
Vulnerability from cvelistv5
Published
2011-10-04 20:00
Modified
2024-08-06 23:00
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php | x_refsource_MISC | |
| http://securityreason.com/securityalert/8410 | third-party-advisory, x_refsource_SREASON | |
| http://www.adobe.com/support/security/advisories/apsa11-03.html | x_refsource_CONFIRM | |
| http://www.exploit-db.com/exploits/17918/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php"
},
{
"name": "8410",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8410"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/advisories/apsa11-03.html"
},
{
"name": "17918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/17918/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-14T10:00:00",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php"
},
{
"name": "8410",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8410"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/advisories/apsa11-03.html"
},
{
"name": "17918",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/17918/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php",
"refsource": "MISC",
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php"
},
{
"name": "8410",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8410"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa11-03.html"
},
{
"name": "17918",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17918/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-2443",
"datePublished": "2011-10-04T20:00:00",
"dateReserved": "2011-06-06T00:00:00",
"dateUpdated": "2024-08-06T23:00:33.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}