cbcvebase.
CVE-2012-2027
published 2012-05-09

CVE-2012-2027: Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a…

PriorityP258critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
13.44%
96.0th percentile
Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.

Affected

25 ranges
VendorProductVersion rangeFixed in
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop
adobephotoshop_cs4
adobephotoshop_cs5.5<= 12.0

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://www.protekresearchlab.com/exploits/PRL-2012-07.tif
urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19338.tif
filenamePRL-2012-07.tif
filename19338.tif
  • Monitor Adobe Photoshop CS5 (versions 12.x before 12.0.5 and 12.1.x before 12.1.1) opening crafted TIFF (.tif/.tiff) files, which trigger a use-after-free during TIFF parsing and may lead to arbitrary code execution.
  • Flag delivery of .tif/.tiff files to users running vulnerable Adobe Photoshop versions (CS5 12.x < 12.0.5, CS5.1 12.1.x < 12.1.1) via email, web, or file shares as a potential exploitation vector.
  • ·Exploit targets Windows platform specifically; Linux (via Wine) and macOS exposure may differ.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.