Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2018-15980 |
CWE-ID | CWE-125 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Adobe Photoshop Client/Desktop applications / Multimedia software |
Vendor | Adobe |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU15819
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15980
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to out-of-bounds read when handling malicious input. A remote attacker can trick the victim into opening specially crafted data, trigger memory corruption and gain access to potentially sensitive information.
MitigationThe vulnerability has been fixed in the versions 19.1.7, 20.0.
Vulnerable software versionsAdobe Photoshop: 19.0 - 19.1.6
External linkshttp://helpx.adobe.com/security/products/photoshop/apsb18-43.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.