var-201506-0077
Vulnerability from variot
Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bridge",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "6.1"
},
{
"model": "photoshop cc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.2.2"
},
{
"model": "bridge cc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "6.1.1 (windows/macintosh)"
},
{
"model": "photoshop cc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "16.0 (2015.0.0) (windows/macintosh)"
},
{
"model": "photoshop cc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.2.2"
},
{
"model": "bridge",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.1"
},
{
"model": "photoshop cc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2014(15.2.2)(2014.2.2)"
},
{
"model": "photoshop cc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "201516.0(2015.0.0)"
}
],
"sources": [
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:photoshop_cc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Francis Provencher of Protek Research Labs",
"sources": [
{
"db": "BID",
"id": "75240"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3111",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-3111",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81072",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3111",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-456",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81072",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3111",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-81072",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37348",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3111",
"trust": 2.9
},
{
"db": "BID",
"id": "75240",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032659",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1032658",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "37348",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-81072",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3111",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"id": "VAR-201506-0077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:30:21.029000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-12",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/photoshop/apsb15-12.html"
},
{
"title": "APSB15-13",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/bridge/apsb15-13.html"
},
{
"title": "APSB15-12",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/photoshop/apsb15-12.html"
},
{
"title": "APSB15-13",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/bridge/apsb15-13.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/75240"
},
{
"trust": 1.8,
"url": "https://helpx.adobe.com/security/products/bridge/apsb15-13.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032658"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032659"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3111"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3111"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/in/products/photoshop/features.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/37348/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39434"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-81072"
},
{
"date": "2015-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75240"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"date": "2015-06-24T10:59:04.027000",
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-81072"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75240"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"date": "2016-12-28T02:59:10.793000",
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Photoshop CC and Adobe Bridge CC Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.