This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
{"id": "CVE-2020-9709", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2020-9709", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "published": "2022-02-25T20:30:38", "modified": "2022-02-25T20:30:38", "epss": [], "cvss": {}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "candidate", "references": [], "cvelist": ["CVE-2020-9709"], "immutableFields": [], "lastseen": "2022-02-25T20:30:38", "viewCount": 15, "enchantments": {"backreferences": {"references": [{"type": "adobe", "idList": ["APSB20-45"]}, {"type": "nessus", "idList": ["MACOS_ADOBE_PHOTOSHOP_APSB20-45.NASL"]}]}, "score": {"value": 8.6, "uncertanity": 0.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "adobe", "idList": ["APSB20-45"]}, {"type": "nessus", "idList": ["ADOBE_PHOTOSHOP_APSB20-45.NASL", "MACOS_ADOBE_PHOTOSHOP_APSB20-45.NASL"]}], "rev": 4}, "vulnersScore": 8.6}, "_state": {"dependencies": 1698440463, "score": 1698440334, "epss": 0}, "_internal": {"score_hash": "31914e261020a88a2f36fcc8d53c4de2"}, "cna_cvss": {}, "cpe": [], "cpe23": [], "cwe": [], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {}, "extraReferences": [], "product_info": [], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [], "exploits": [], "assigned": "1976-01-01T00:00:00"}
{"nessus": [{"lastseen": "2023-05-18T15:04:17", "description": "The version of Adobe Photoshop CC or Photoshop installed on the remote Windows host is prior to 20.0.10/21.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory.\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability.\n Successful exploitation could lead to arbitrary code execution. (CVE-2020-9683, CVE-2020-9686)\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability.\n Successful exploitation could lead to arbitrary code execution . (CVE-2020-9684, CVE-2020-9685, CVE-2020-9687)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-07-24T00:00:00", "type": "nessus", "title": "Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (APSB20-45)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9683", "CVE-2020-9684", "CVE-2020-9685", "CVE-2020-9686", "CVE-2020-9687", "CVE-2020-9709"], "modified": "2021-11-18T00:00:00", "cpe": ["cpe:/a:adobe:photoshop", "cpe:/a:adobe:photoshop_cc"], "id": "ADOBE_PHOTOSHOP_APSB20-45.NASL", "href": "https://www.tenable.com/plugins/nessus/138891", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138891);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/18\");\n\n script_cve_id(\n \"CVE-2020-9683\",\n \"CVE-2020-9684\",\n \"CVE-2020-9685\",\n \"CVE-2020-9686\",\n \"CVE-2020-9687\",\n \"CVE-2020-9709\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0332-S\");\n\n script_name(english:\"Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (APSB20-45)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Adobe Photoshop installed on remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Photoshop CC or Photoshop installed on the remote Windows host is prior to 20.0.10/21.2.1. It is,\ntherefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory.\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability.\n Successful exploitation could lead to arbitrary code execution. (CVE-2020-9683, CVE-2020-9686)\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability.\n Successful exploitation could lead to arbitrary code execution . (CVE-2020-9684, CVE-2020-9685,\n CVE-2020-9687)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/photoshop/apsb20-45.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Photoshop version 20.0.10/21.2.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9684\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop_cc\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"adobe_photoshop_installed.nasl\");\n script_require_keys(\"installed_sw/Adobe Photoshop\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Adobe Photoshop', win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '20.0.0', 'max_version' : '20.0.9', 'fixed_version' : '20.0.10' },\n { 'min_version' : '21.0.0', 'max_version' : '21.2.0', 'fixed_version' : '21.2.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:49", "description": "The version of Adobe Photoshop CC or Photoshop installed on the remote macOS or Mac OS X host is prior to 20.0.10/21.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory.\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability.\n Successful exploitation could lead to arbitrary code execution. (CVE-2020-9683, CVE-2020-9686)\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability.\n Successful exploitation could lead to arbitrary code execution . (CVE-2020-9684, CVE-2020-9685, CVE-2020-9687)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (macOS APSB20-45)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9683", "CVE-2020-9684", "CVE-2020-9685", "CVE-2020-9686", "CVE-2020-9687", "CVE-2020-9709"], "modified": "2021-03-11T00:00:00", "cpe": ["cpe:/a:adobe:photoshop", "cpe:/a:adobe:photoshop_cc"], "id": "MACOS_ADOBE_PHOTOSHOP_APSB20-45.NASL", "href": "https://www.tenable.com/plugins/nessus/147620", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147620);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/11\");\n\n script_cve_id(\n \"CVE-2020-9683\",\n \"CVE-2020-9684\",\n \"CVE-2020-9685\",\n \"CVE-2020-9686\",\n \"CVE-2020-9687\",\n \"CVE-2020-9709\"\n );\n\n script_name(english:\"Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (macOS APSB20-45)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Adobe Photoshop installed on remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Adobe Photoshop CC or Photoshop installed on the remote macOS or Mac OS X host is prior to\n20.0.10/21.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory.\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability.\n Successful exploitation could lead to arbitrary code execution. (CVE-2020-9683, CVE-2020-9686)\n\n - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability.\n Successful exploitation could lead to arbitrary code execution . (CVE-2020-9684, CVE-2020-9685,\n CVE-2020-9687)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://helpx.adobe.com/security/products/photoshop/apsb20-45.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Photoshop version 20.0.10/21.2.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9709\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:photoshop_cc\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_adobe_photoshop_installed.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"installed_sw/Adobe Photoshop\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nget_kb_item_or_exit('Host/MacOSX/Version');\n\napp_info = vcf::get_app_info(app:'Adobe Photoshop');\n\nconstraints = [\n { 'min_version' : '20.0.0', 'max_version' : '20.0.9', 'fixed_version' : '20.0.10' },\n { 'min_version' : '21.0.0', 'max_version' : '21.2.0', 'fixed_version' : '21.2.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "adobe": [{"lastseen": "2023-12-02T17:29:34", "description": "Adobe has released updates for Photoshop for Windows and macOS. These updates resolve multiple [critical]() and [medium]() vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-07-21T00:00:00", "type": "adobe", "title": "APSB20-45 Security update available for Adobe Photoshop", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9683", "CVE-2020-9684", "CVE-2020-9685", "CVE-2020-9686", "CVE-2020-9687", "CVE-2020-9709"], "modified": "2020-07-21T00:00:00", "id": "APSB20-45", "href": "https://helpx.adobe.com/security/products/photoshop/apsb20-45.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
CVE-2020-9709
