Use-After-Free Vulnerability in Adobe Photoshop Products
CVE-2017-11304

9.8CRITICAL

Key Information:

Vendor

Adobe
Status
Adobe Photoshop 18.1.1 (2017.1.1) And Earlier Versions
Vendor
CVE Published:
9 December 2017

What is CVE-2017-11304?

A use-after-free vulnerability has been identified in Adobe Photoshop versions 18.1.1 and earlier, allowing attackers to exploit the flaw and execute arbitrary code. This vulnerability occurs when the software improperly manages memory, potentially leading to unexpected behaviors and breaches of user security. Users are advised to update to the latest versions to mitigate risks associated with this vulnerability.

Affected Version(s)

Adobe Photoshop 18.1.1 (2017.1.1) and earlier Adobe Photoshop 18.1.1 (2017.1.1) and earlier versions

References

http://www.securityfocus.com/bid/101829
vdb-entryx_refsource_BID
https://helpx.adobe.com/security/products/photoshop/apsb1...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039786
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2017-11304 : Use-After-Free Vulnerability in Adobe Photoshop Products