Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
History

Mon, 18 Nov 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Adobe photoshop
Apple
Apple macos
Microsoft
Microsoft windows
CPEs cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Adobe photoshop
Apple
Apple macos
Microsoft
Microsoft windows

Tue, 12 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe photoshop 2023
Adobe photoshop 2024
CPEs cpe:2.3:a:adobe:photoshop_2023:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:photoshop_2024:*:*:*:*:*:*:*:*
Vendors & Products Adobe
Adobe photoshop 2023
Adobe photoshop 2024
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Description Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Title Photoshop Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)
Weaknesses CWE-191
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-11-12T16:59:43.186Z

Updated: 2024-11-12T17:23:37.453Z

Reserved: 2024-10-15T15:35:47.027Z

Link: CVE-2024-49514

cve-icon Vulnrichment

Updated: 2024-11-12T17:23:22.752Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-12T17:15:08.490

Modified: 2024-11-18T18:06:39.030

Link: CVE-2024-49514

cve-icon Redhat

No data.