Use-After-Free Vulnerability in Adobe Photoshop CS5 and CS5.1
CVE-2012-2027

Currently unrated

Key Information:

Vendor: Adobe
Status: Photoshop; Photoshop Cs5.5; Photoshop Cs4
Vendor: CVE Published:; 9 May 2012

What is CVE-2012-2027?

A use-after-free vulnerability found in Adobe Photoshop CS5 versions prior to 12.0.5 and CS5.1 versions before 12.1.1 could enable remote attackers to execute arbitrary code. This exploit occurs when a manipulated TIFF file is processed, allowing the attacker to leverage the flaw and gain unauthorized access or control over the affected system. Users are advised to update their software versions to protect against this exposure and ensure the integrity of their applications.

References

http://www.adobe.com/support/security/bulletins/apsb12-11...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/52634

vdb-entryx_refsource_BID

EPSS Score

47% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2012
Vulnerability Reserved
Apr 2, 2012