CVE-2019-7998

CWE-787 — Out-of-bounds Write5 documents5 sources

Severity

9.8CRITICAL

EPSS

21.7%

top 4.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Photoshop CC Adobe Adobe Photoshop CC

Timeline

PublishedAug 26

Latest updateOct 18

Description

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDadobe/photoshop_cc20.0 — 20.0.5+1

▶CVEListV5adobe/adobe_photoshop_cc<=19.1.8 and <=20.0.5

🔴Vulnerability Details

OSV

vips vulnerabilities↗2023-10-18

▶

GHSA

GHSA-x6fv-rpp3-g554: Adobe Photoshop CC versions 19↗2022-05-24

▶

CVEList

CVE-2019-7998: Adobe Photoshop CC versions 19↗2019-08-26

▶