CVE-2012-2052

2014-06-1920:55:09

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.896

Percentile

98.8%

JSON

Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element.

Affected configurations

Nvd

Node

adobephotoshop_cs5Match12.0

adobephotoshop_cs5Match12.0.1

adobephotoshop_cs5Match12.0.2

adobephotoshop_cs5Match12.0.3

adobephotoshop_cs5Match12.0.4

adobephotoshop_cs5.1Match12.1

VendorProductVersionCPE
adobephotoshop_cs512.0cpe:2.3:a:adobe:photoshop_cs5:12.0:*:*:*:*:*:*:*
adobephotoshop_cs512.0.1cpe:2.3:a:adobe:photoshop_cs5:12.0.1:*:*:*:*:*:*:*
adobephotoshop_cs512.0.2cpe:2.3:a:adobe:photoshop_cs5:12.0.2:*:*:*:*:*:*:*
adobephotoshop_cs512.0.3cpe:2.3:a:adobe:photoshop_cs5:12.0.3:*:*:*:*:*:*:*
adobephotoshop_cs512.0.4cpe:2.3:a:adobe:photoshop_cs5:12.0.4:*:*:*:*:*:*:*
adobephotoshop_cs5.112.1cpe:2.3:a:adobe:photoshop_cs5.1:12.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	photoshop_cs5	12.0	cpe:2.3:a:adobe:photoshop_cs5:12.0:::::::*
adobe	photoshop_cs5	12.0.1	cpe:2.3:a:adobe:photoshop_cs5:12.0.1:::::::*
adobe	photoshop_cs5	12.0.2	cpe:2.3:a:adobe:photoshop_cs5:12.0.2:::::::*
adobe	photoshop_cs5	12.0.3	cpe:2.3:a:adobe:photoshop_cs5:12.0.3:::::::*
adobe	photoshop_cs5	12.0.4	cpe:2.3:a:adobe:photoshop_cs5:12.0.4:::::::*
adobe	photoshop_cs5.1	12.1	cpe:2.3:a:adobe:photoshop_cs5.1:12.1:::::::*