VAR-201506-0077
Vulnerability from variot - Updated: 2025-04-13 23:18Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "photoshop cc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.2.2"
},
{
"model": "bridge",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "6.1"
},
{
"model": "bridge cc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "6.1.1 (windows/macintosh)"
},
{
"model": "photoshop cc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "16.0 (2015.0.0) (windows/macintosh)"
},
{
"model": "photoshop cc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.2.2"
},
{
"model": "bridge",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.1"
},
{
"model": "photoshop cc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2014(15.2.2)(2014.2.2)"
},
{
"model": "photoshop cc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "201516.0(2015.0.0)"
}
],
"sources": [
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:bridge_cc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:photoshop_cc",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Francis Provencher of Protek Research Labs",
"sources": [
{
"db": "BID",
"id": "75240"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3111",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3111",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81072",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3111",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3111",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-456",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81072",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3111",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe PS CC is a set of the latest image processing and drawing software. Adobe Bridge CC is the control center of Adobe Creative Suite (a product suite integrating graphic design, video editing, web design and other applications)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3111"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-81072",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37348",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3111",
"trust": 2.9
},
{
"db": "BID",
"id": "75240",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1032659",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1032658",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "37348",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-81072",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3111",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"id": "VAR-201506-0077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:18:09.459000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-12",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/photoshop/apsb15-12.html"
},
{
"title": "APSB15-13",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/bridge/apsb15-13.html"
},
{
"title": "APSB15-12",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/photoshop/apsb15-12.html"
},
{
"title": "APSB15-13",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/bridge/apsb15-13.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/75240"
},
{
"trust": 1.8,
"url": "https://helpx.adobe.com/security/products/bridge/apsb15-13.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032658"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032659"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3111"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3111"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/in/products/photoshop/features.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/37348/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39434"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81072"
},
{
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"db": "BID",
"id": "75240"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-81072"
},
{
"date": "2015-06-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75240"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"date": "2015-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"date": "2015-06-24T10:59:04.027000",
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-81072"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3111"
},
{
"date": "2015-06-16T00:00:00",
"db": "BID",
"id": "75240"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003255"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-456"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3111"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Photoshop CC and Adobe Bridge CC Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003255"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-456"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…