CVE-2021-42735Access of Memory Location After End of Buffer in Adobe Photoshop

CWE-788Access of Memory Location After End of Buffer3 documents3 sources
Severity
7.8HIGHNVD
EPSS
1.9%
top 16.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Photoshop
Timeline
PublishedJun 15
Latest updateJun 16

Description

Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe/photoshopunspecified22.5.1  and earlier versions+1
NVDadobe/photoshop22.5.1

🔴Vulnerability Details

2
GHSA
GHSA-ff73-9vgm-hwwj: Adobe Photoshop version 222022-06-16
CVEList
Adobe Photoshop Memory Corruption could lead to Arbitrary code execution2022-06-15
CVE-2021-42735 — Adobe Photoshop vulnerability | cvebase