Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1296

CWE-119Buffer Overflow6 documents4 sources
Severity
9.3CRITICAL
EPSS
30.5%
top 3.30%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Adobe Photoshop CS4
Timeline
PublishedMay 27
Latest updateMay 2

Description

Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDadobe/photoshop_cs411.0.1+1

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-8x83-5ph9-f7w9: Multiple buffer overflows in Adobe Photoshop CS4 before 112022-05-02
CVEList
CVE-2010-1296: Multiple buffer overflows in Adobe Photoshop CS4 before 112010-05-27

💥Exploits & PoCs

3
Exploit-DB
Adobe Photoshop CS4 Extended 11.0 - '.GRD' File Handling Remote Buffer Overflow (PoC)2010-05-26
Exploit-DB
Adobe Photoshop CS4 Extended 11.0 - '.ASL' File Handling Remote Buffer Overflow (PoC)2010-05-26
Exploit-DB
Adobe Photoshop CS4 Extended 11.0 - '.ABR' File Handling Remote Buffer Overflow (PoC)2010-05-26
CVE-2010-1296 (CRITICAL CVSS 9.3) | Multiple buffer overflows in Adobe | cvebase.io