Skip to main content

Bridge Cc CVE-2016-0953

CRITICAL
Buffer Overflow (CWE-119)
2016-02-10 psirt@adobe.com
9.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Feb 10, 2016 - 20:59 cve.org
CRITICAL 9.8

DescriptionCVE.org

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952.

AnalysisAI

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.5%.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952. Affected products include: Adobe Bridge Cc, Adobe Photoshop Cc. Version information: before 15.2.4.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2016-0952 CRITICAL POC
9.8 Feb 10

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec

CVE-2016-0951 CRITICAL POC
9.8 Feb 10

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec

CVE-2019-7130 CRITICAL
9.8 May 23

Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerabilit

CVE-2019-7132 HIGH
8.8 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerabi

CVE-2019-8240 HIGH
7.5 Nov 14

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu

CVE-2019-8239 HIGH
7.5 Nov 14

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu

CVE-2019-7963 MEDIUM
6.5 Jul 18

Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Rated medium severity (CVSS

CVE-2019-7138 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

CVE-2019-7137 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. Rated medium severity (CVSS 6.5), this vulnerabil

CVE-2019-7136 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Rated medium severity (CVSS 6.5), this vulnerabilit

CVE-2019-7135 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

CVE-2019-7134 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

Share

CVE-2016-0953 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy