Unquoted Search Path Vulnerability in Adobe Photoshop Products
CVE-2017-3005

7.8HIGH

Key Information:

Vendor

Adobe
Status
Adobe Photoshop Cc 2017 (18.0.1) And Earlier, Cc 2015.5.1 (17.0.1) And Earlier.
Vendor
CVE Published:
12 April 2017

What is CVE-2017-3005?

Adobe Photoshop has a vulnerability that arises from an unquoted search path issue, which could potentially enable an attacker to execute arbitrary code. This flaw primarily affects versions CC 2017 (18.0.1) and earlier as well as CC 2015.5.1 (17.0.1) and earlier. Attackers could exploit the vulnerability by placing a malicious executable in a directory that is included in the search path, leading to execution of unauthorized code. Users of affected products should review their security configurations and apply mitigations as outlined in Adobe's security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adobe Photoshop CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier. Adobe Photoshop CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier.

References

http://www.securityfocus.com/bid/97553
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038229
vdb-entryx_refsource_SECTRACK
https://helpx.adobe.com/security/products/photoshop/apsb1...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.