CVE-2020-3783Out-of-bounds Write in Adobe Photoshop 2020

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
25.0%
top 3.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe Photoshop 2020Adobe Photoshop CCAdobe Photoshop
Timeline
PublishedMar 25
Latest updateMay 24

Description

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

NVDadobe/photoshop_202021.021.1
NVDadobe/photoshop_cc20.020.0.8
CVEListV5adobe/adobe_photoshopPhotoshop CC 2019, and Photoshop 2020 versions

🔴Vulnerability Details

2
GHSA
GHSA-2w63-qqf6-cg3f: Adobe Photoshop CC 2019 versions 202022-05-24
CVEList
CVE-2020-3783: Adobe Photoshop CC 2019 versions 202020-03-25
CVE-2020-3783 — Out-of-bounds Write in Adobe | cvebase