Rewterz Threat Advisory – Multiple Adobe Premiere Rush Vulnerabilties
February 15, 2023Rewterz Threat Advisory – Multiple Adobe Bridge Vulnerabilties
February 15, 2023Rewterz Threat Advisory – Multiple Adobe Premiere Rush Vulnerabilties
February 15, 2023Rewterz Threat Advisory – Multiple Adobe Bridge Vulnerabilties
February 15, 2023Severity
Medium
Analysis Summary
CVE-2023-21578 CVSS:5.5
Adobe Photoshop could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-21577 CVSS:5.5
Adobe Photoshop could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-21576 CVSS:7.8
Adobe Photoshop could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2023-21574 CVSS:7.8
Adobe Photoshop could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
CVE-2023-21575 CVSS:7.8
Adobe Photoshop could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
Impact
- Code Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-21578
- CVE-2023-21577
- CVE-2023-21576
- CVE-2023-21574
- CVE-2023-21575
Affected Vendors
Adobe
Affected Products
- Adobe Photoshop 2022 23.5.3
- Adobe Photoshop 2023 24.1
Remediation
Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.