Vulnerability Details : CVE-2012-2027
Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.
Vulnerability category: Memory CorruptionExecute code
Products affected by CVE-2012-2027
- cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:9.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:12.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:11.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:11.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:11.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:12.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:6.0:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:12.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:2.5:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:12.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:5.0:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:4.0:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:3.0:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop:11.0:*:*:*:*:*:x64:*
- cpe:2.3:a:adobe:photoshop_cs4:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop_cs5.5:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-2027
47.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-2027
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2012-2027
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2027
-
http://www.securityfocus.com/bid/52634
Adobe Photoshop '.tiff' File Use After Free Memory Corruption Vulnerability
-
http://www.adobe.com/support/security/bulletins/apsb12-11.html
Adobe - Security Bulletins: APSB12-11 Security bulletin for Adobe PhotoshopPatch;Vendor Advisory
Jump to