Adobe released security updates for arbitrary code execution vulnerability for Windows and macOS.
Description:
Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file.
And, Successful exploitation could lead to arbitrary code execution.
However, the exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected Versions
| Product | Affected version | Platform |
|---|---|---|
| Photoshop 2021 | 22.1 and earlier version | Windows and macOS |
Severity
Importantly, this vulnerability considered as High severity and with the following base score
| Vulnerability Rating: | CVSS v3.0 |
| Base Score: | 8.4 |
| Base Metrics: | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Vulnerability Rating: | CVSS v2.0 |
| Base Score: | 7.2 |
| Base Metrics: | CVSS:2.0/AV:L/AC:L/AU:N/C:C/I:C/A:C |
In addition, the vulnerability impacts — Arbitrary Code Execution, Denial of Service.
Reference
Adobe Security Bulletin – https://helpx.adobe.com/security/products/photoshop/apsb21-01.html
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment