Vulnerabilities > CVE-2021-42735 - Access of Memory Location After End of Buffer vulnerability in Adobe Photoshop

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

adobe

CWE-788

NVD

Published: 2022-06-15

Updated: 2022-06-24

Summary

Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Photoshop - Adobe Photoshop 2.5 Adobe Photoshop 3.0 Adobe Photoshop 4.0 Adobe Photoshop 5.0 Adobe Photoshop 6.0 Adobe Photoshop 6.0.1 Adobe Photoshop 7.0 Adobe Photoshop 7.0.1 Adobe Photoshop 8.0 Adobe Photoshop 9.0 Adobe Photoshop 9.0.1 Adobe Photoshop 9.0.2 Adobe Photoshop 10.0 Adobe Photoshop 10.0.1 Adobe Photoshop 11.0 Adobe Photoshop 11.0.1 Adobe Photoshop 11.0.2 Adobe Photoshop 11.0.4 Adobe Photoshop 12.0.0 Adobe Photoshop 12.0.1 Adobe Photoshop 12.0.2 Adobe Photoshop 12.0.3 Adobe Photoshop 12.0.4 Adobe Photoshop 15.0 Adobe Photoshop 15.2.2 Adobe Photoshop 16.0 Adobe Photoshop 16.1 Adobe Photoshop 17.0 Adobe Photoshop 17.0.1 Adobe Photoshop 18.0 Adobe Photoshop 18.0.1 Adobe Photoshop 18.1.0 Adobe Photoshop 18.1.1 Adobe Photoshop 19.0.0 Adobe Photoshop 21.2 Adobe Photoshop 21.2.1 Adobe Photoshop 21.2.4 Adobe Photoshop 21.2.5 Adobe Photoshop 21.2.6 Adobe Photoshop 22.0 Adobe Photoshop 22.1 Adobe Photoshop 22.1.1 Adobe Photoshop 22.2 Adobe Photoshop 22.3 Adobe Photoshop 22.5.1	48
OS	Microsoft Microsoft Windows -	1
OS	Apple Apple Macos -	1

Common Weakness Enumeration (CWE)

CWE-788 - Access of Memory Location After End of Buffer

References

https://helpx.adobe.com/security/products/photoshop/apsb21-109.html