| |
Vulnerability CVE-2021-28548
Published: 2021-04-15
| Description: |
Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
Type:
CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.8/10 |
6.4/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://helpx.adobe.com/security/products/photoshop/apsb21-28.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
