Vulnerability-Lookup

CVE-2012-5679 (GCVE-0-2012-5679)

Vulnerability from cvelistv5 – Published: 2012-12-13 11:00 – Updated: 2024-09-16 20:17

Summary

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

http://www.adobe.com/support/security/bulletins/a…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:14:16.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-12-13T11:00:00Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2012-5679",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb12-28.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2012-5679",
    "datePublished": "2012-12-13T11:00:00Z",
    "dateReserved": "2012-10-29T00:00:00Z",
    "dateUpdated": "2024-09-16T20:17:51.411Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-5679\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2012-12-13T11:53:49.227\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en Adobe Photoshop Camera Raw antes de v7.3 permite a los atacantes de ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2\",\"matchCriteriaId\":\"3D655F1D-AA28-443D-8CE7-4CBFDB8F42C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E001B3-BA60-41E1-A924-7E3266325397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FD3EF78-09A5-411D-B67F-5237590A07B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85778D2B-73E6-4F4D-95EF-5B74EA4933FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F786FBED-43CC-4476-8D55-B71AD4F0A3BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C403CD7B-EAF0-464F-8EF4-E172A01DE468\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4096F66B-6FA8-44F9-ACA2-E8E685A0D49B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4471371-9277-48A3-97BF-A3B107DB18B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"692E4373-0BBA-42CA-8871-D5E26B8DC0C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D4C5E29-0AB9-412B-B247-A74575F27F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D3D246-1B37-4FB1-AAD4-9527443E35DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC4887F0-C6F2-44AB-B75A-7DE063B1EA90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90EB9484-A6C4-4329-9387-32C585B7140B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F01E47-9A62-41FB-9334-901FFC465652\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D672728C-8324-433B-809F-E508C446ACE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"649BA9DD-3C48-4911-86FE-8243A5A004AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48BC7021-9EDC-4C6C-B4B9-4F9D38288C43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6FBF23-6839-4A71-8362-1001ABC5E632\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7C22A4-DAF9-46E4-BE7A-C2C44EE3A65D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A631CAD7-E7C0-4E3C-8F9A-D588ABB9DCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F53706BA-2998-4C0F-AB43-41254E0C38C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"095D0A24-824B-44E2-B80B-1FB0D9562CB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A2C54EB-CA8E-4076-8904-C252887E3835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEAD4430-1677-4AB4-8B3D-310F5EC8A111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:camera_raw:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B0B812E-6615-4A54-9A86-AF8613627EF2\"}]}]}],\"references\":[{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb12-28.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb12-28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2012-5679

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.

Aliases

CVE-2012-5679

Aliases

CVE-2012-5679

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-5679",
    "description": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.",
    "id": "GSD-2012-5679"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-5679"
      ],
      "details": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.",
      "id": "GSD-2012-5679",
      "modified": "2023-12-13T01:20:18.994458Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2012-5679",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb12-28.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:camera_raw:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2012-5679"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb12-28.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2012-12-13T11:53Z",
      "publishedDate": "2012-12-13T11:53Z"
    }
  }
}

CERTA-2013-AVI-381

Vulnerability from certfr_avis - Published: 2013-06-28 - Updated: 2013-06-28

De multiples vulnérabilités ont été corrigées dans Adobe Photoshop Camera Raw. Elles permettent à un attaquant de provoquer une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Adobe	N/A	Adobe Photoshop Camera Raw versions 7.2 et antérieures
	Adobe	N/A	Adobe Photoshop Camera Raw versions 6.7 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe du 27 juin 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Photoshop Camera Raw versions 7.2 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Photoshop Camera Raw versions 6.7 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5679"
    },
    {
      "name": "CVE-2012-5680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5680"
    }
  ],
  "initial_release_date": "2013-06-28T00:00:00",
  "last_revision_date": "2013-06-28T00:00:00",
  "links": [],
  "reference": "CERTA-2013-AVI-381",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-06-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Photoshop Camera Raw\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Photoshop Camera Raw",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe du 27 juin 2013",
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
    }
  ]
}

CERTA-2012-AVI-738

Vulnerability from certfr_avis - Published: 2012-12-14 - Updated: 2012-12-14

Deux vulnérabilités ont été corrigées dans Adobe Photoshop Camera Raw. Elles peuvent mener un utilisateur malintentionné à exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Adobe Photoshop Camera Raw 7.2 et antérieures

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe apsb12-28 du 12 décembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eAdobe Photoshop Camera Raw 7.2 et ant\u00e9rieures\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5679"
    },
    {
      "name": "CVE-2012-5680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5680"
    }
  ],
  "initial_release_date": "2012-12-14T00:00:00",
  "last_revision_date": "2012-12-14T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-738",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-12-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eAdobe\nPhotoshop Camera Raw\u003c/span\u003e. Elles peuvent mener un utilisateur\nmalintentionn\u00e9 \u00e0 ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Adobe Photoshop Camera Raw",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb12-28 du 12 d\u00e9cembre 2012",
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
    }
  ]
}

FKIE_CVE-2012-5679

Vulnerability from fkie_nvd - Published: 2012-12-13 11:53 - Updated: 2025-04-11 00:51

Severity ?

Summary

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.

References

	URL	Tags
	psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb12-28.html	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb12-28.html	Vendor Advisory

Impacted products

Vendor	Product	Version
adobe	camera_raw	*
adobe	camera_raw	2.1
adobe	camera_raw	2.2
adobe	camera_raw	2.3
adobe	camera_raw	2.4
adobe	camera_raw	3.1
adobe	camera_raw	3.2
adobe	camera_raw	3.3
adobe	camera_raw	3.4
adobe	camera_raw	3.5
adobe	camera_raw	3.6
adobe	camera_raw	3.7
adobe	camera_raw	4.0
adobe	camera_raw	4.1
adobe	camera_raw	4.2
adobe	camera_raw	4.3.1
adobe	camera_raw	4.4.1
adobe	camera_raw	4.5
adobe	camera_raw	4.6
adobe	camera_raw	5.0
adobe	camera_raw	5.1
adobe	camera_raw	5.2
adobe	camera_raw	5.3
adobe	camera_raw	5.4
adobe	camera_raw	5.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D655F1D-AA28-443D-8CE7-4CBFDB8F42C4",
              "versionEndIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69E001B3-BA60-41E1-A924-7E3266325397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD3EF78-09A5-411D-B67F-5237590A07B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "85778D2B-73E6-4F4D-95EF-5B74EA4933FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F786FBED-43CC-4476-8D55-B71AD4F0A3BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C403CD7B-EAF0-464F-8EF4-E172A01DE468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4096F66B-6FA8-44F9-ACA2-E8E685A0D49B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4471371-9277-48A3-97BF-A3B107DB18B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E4373-0BBA-42CA-8871-D5E26B8DC0C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4C5E29-0AB9-412B-B247-A74575F27F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D3D246-1B37-4FB1-AAD4-9527443E35DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4887F0-C6F2-44AB-B75A-7DE063B1EA90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90EB9484-A6C4-4329-9387-32C585B7140B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "32F01E47-9A62-41FB-9334-901FFC465652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D672728C-8324-433B-809F-E508C446ACE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "649BA9DD-3C48-4911-86FE-8243A5A004AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BC7021-9EDC-4C6C-B4B9-4F9D38288C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6FBF23-6839-4A71-8362-1001ABC5E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B7C22A4-DAF9-46E4-BE7A-C2C44EE3A65D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A631CAD7-E7C0-4E3C-8F9A-D588ABB9DCD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F53706BA-2998-4C0F-AB43-41254E0C38C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "095D0A24-824B-44E2-B80B-1FB0D9562CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A2C54EB-CA8E-4076-8904-C252887E3835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAD4430-1677-4AB4-8B3D-310F5EC8A111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:camera_raw:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0B812E-6615-4A54-9A86-AF8613627EF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en Adobe Photoshop Camera Raw antes de v7.3 permite a los atacantes de ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2012-5679",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-12-13T11:53:49.227",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201212-0240

Vulnerability from variot - Updated: 2025-04-11 23:01

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. Adobe Photoshop Camera Raw is prone to a buffer-underflow vulnerability. Successful exploits will compromise the affected application and possibly the underlying computer. Failed exploit attempts may cause a denial-of-service condition. Adobe Photoshop Camera Raw versions prior to 7.3 are vulnerable. Adobe Photoshop (PS) is a set of image processing and drawing software from Adobe Corporation of the United States. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/

TITLE: Adobe Camera Raw Plug-in TIFF Image Processing Two Vulnerabilities

SECUNIA ADVISORY ID: SA49929

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49929/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49929

RELEASE DATE: 2012-12-13

DISCUSS ADVISORY: http://secunia.com/advisories/49929/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49929/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49929

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Two vulnerabilities have been discovered in Adobe Camera Raw Plug-in, which can be exploited by malicious people to compromise a user's system.

1) An error in the "Camera Raw.8bi" plug-in when processing a LZW compressed TIFF image can be exploited to cause a heap-based buffer underflow via a specially crafted LZW code within an image row strip.

2) An integer overflow error in the "Camera Raw.8bi" plug-in when allocating memory during TIFF image processing can be exploited to cause a heap-based buffer overflow via specially crafted image dimensions.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.

The vulnerabilities are reported in the plug-in version 7.2 and prior, confirmed in: * Adobe Bridge CS6 version 5.0.0.399.

SOLUTION: Update the plug-in to version 7.3 via the application's update mechanism.

PROVIDED AND/OR DISCOVERED BY: 1) Francis Provencher via Secunia. 2) Dmitriy Pletnev, Secunia Research.

ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2012-31/

Adobe (APSB12-28): http://www.adobe.com/support/security/bulletins/apsb12-28.html

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201212-0240",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "5.2"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.2"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.4"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "2.4"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "2.3"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.5"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.3"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.6"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "3.1"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "adobe",
        "version": "2.2"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "5.5"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "5.1"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.4.1"
      },
      {
        "model": "camera raw",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "7.2"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.1"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "5.0"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "2.1"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.0"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "5.4"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.2"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "3.7"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.5"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.3.1"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "5.3"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "4.6"
      },
      {
        "model": "photoshop camera raw",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "7.3   (windows and  macintosh)"
      },
      {
        "model": "camera raw",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "7.2"
      },
      {
        "model": "camera raw",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "7.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "56922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:adobe:camera_raw",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Francis Provencher via Secunia",
    "sources": [
      {
        "db": "BID",
        "id": "56922"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-5679",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2012-5679",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-58960",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-5679",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-5679",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201212-190",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-58960",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. Adobe Photoshop Camera Raw is prone to a buffer-underflow vulnerability. Successful exploits will compromise the affected application and possibly the underlying computer. Failed exploit attempts may cause a denial-of-service condition. \nAdobe Photoshop Camera Raw versions prior to 7.3 are vulnerable. Adobe Photoshop (PS) is a set of image processing and drawing software from Adobe Corporation of the United States. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Camera Raw Plug-in TIFF Image Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49929\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49929/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49929\n\nRELEASE DATE:\n2012-12-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49929/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49929/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49929\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been discovered in Adobe Camera Raw Plug-in,\nwhich can be exploited by malicious people to compromise a user\u0027s\nsystem. \n\n1) An error in the \"Camera Raw.8bi\" plug-in when processing a LZW\ncompressed TIFF image can be exploited to cause a heap-based buffer\nunderflow via a specially crafted LZW code within an image row\nstrip. \n\n2) An integer overflow error in the \"Camera Raw.8bi\" plug-in when\nallocating memory during TIFF image processing can be exploited to\ncause a heap-based buffer overflow via specially crafted image\ndimensions. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code, but requires tricking a user into opening or\npreviewing a malicious file. \n\nThe vulnerabilities are reported in the plug-in version 7.2 and\nprior, confirmed in:\n* Adobe Bridge CS6 version 5.0.0.399. \n\nSOLUTION:\nUpdate the plug-in to version 7.3 via the application\u0027s update\nmechanism. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Francis Provencher via Secunia. \n2) Dmitriy Pletnev, Secunia Research. \n\nORIGINAL ADVISORY:\nSecunia Research:\nhttp://secunia.com/secunia_research/2012-31/\n\nAdobe (APSB12-28):\nhttp://www.adobe.com/support/security/bulletins/apsb12-28.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "BID",
        "id": "56922"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "PACKETSTORM",
        "id": "118823"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-5679",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "49929",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "56922",
        "trust": 0.4
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-60514",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-58960",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "118823",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "BID",
        "id": "56922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "PACKETSTORM",
        "id": "118823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "id": "VAR-201212-0240",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-11T23:01:52.374000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APSB12-28",
        "trust": 0.8,
        "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
      },
      {
        "title": "APSB12-28",
        "trust": 0.8,
        "url": "http://helpx.adobe.com/jp/photoshop/kb/cq11281734.html?sdid=ISBTR"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5679"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5679"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49929"
      },
      {
        "trust": 0.3,
        "url": "http://www.adobe.com/products/photoshop/extend.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2012-31/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49929"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49929/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49929/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "BID",
        "id": "56922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "PACKETSTORM",
        "id": "118823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "db": "BID",
        "id": "56922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "db": "PACKETSTORM",
        "id": "118823"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "date": "2012-12-12T00:00:00",
        "db": "BID",
        "id": "56922"
      },
      {
        "date": "2012-12-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "date": "2012-12-13T06:14:35",
        "db": "PACKETSTORM",
        "id": "118823"
      },
      {
        "date": "2012-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "date": "2012-12-13T11:53:49.227000",
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-58960"
      },
      {
        "date": "2012-12-12T00:00:00",
        "db": "BID",
        "id": "56922"
      },
      {
        "date": "2012-12-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      },
      {
        "date": "2012-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2012-5679"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Adobe Photoshop Camera Raw Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005715"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-190"
      }
    ],
    "trust": 0.6
  }
}

GHSA-2F73-H3R6-CPF4

Vulnerability from github – Published: 2022-05-17 05:17 – Updated: 2022-05-17 05:17

Details

Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-5679"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-12-13T11:53:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.",
  "id": "GHSA-2f73-h3r6-cpf4",
  "modified": "2022-05-17T05:17:54Z",
  "published": "2022-05-17T05:17:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5679"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-28.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-5679 (GCVE-0-2012-5679)

GSD-2012-5679

CERTA-2013-AVI-381

Solution

CERTA-2012-AVI-738

Solution

FKIE_CVE-2012-5679

VAR-201212-0240

GHSA-2F73-H3R6-CPF4

Tags

Sightings

Nomenclature