Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-3111Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Bridge

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
27.4%
top 3.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Adobe BridgeAdobe Photoshop CC
Timeline
PublishedJun 24
Latest updateMay 17

Description

Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/bridge6.1
NVDadobe/photoshop_cc15.2.2

🔴Vulnerability Details

2
GHSA
GHSA-xr47-4wf6-2gmw: Heap-based buffer overflow in Adobe Photoshop CC before 162022-05-17
CVEList
CVE-2015-3111: Heap-based buffer overflow in Adobe Photoshop CC before 162015-06-24

💥Exploits & PoCs

1
Exploit-DB
Photoshop CC2014 / Bridge CC 2014 - '.png' Parsing Memory Corruption2015-06-23
CVE-2015-3111 — Adobe Bridge vulnerability | cvebase