Bridge Cc
CVE-2016-0953
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952.
AnalysisAI
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.5%.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0952. Affected products include: Adobe Bridge Cc, Adobe Photoshop Cc. Version information: before 15.2.4.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec
Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec
Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerabilit
Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerabi
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu
Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu
Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Rated medium severity (CVSS
Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab
Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. Rated medium severity (CVSS 6.5), this vulnerabil
Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Rated medium severity (CVSS 6.5), this vulnerabilit
Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab
Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab
Same weakness CWE-119 – Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today