VIR Vulnerability Intelligence Relay

CVE-2012-2027

critical
Published 2012-05-09 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
10.0

Description

Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-18633 dos windows verified text ยท 3 KB
Francis Provencher ยท 2012-03-20

Adobe Photoshop 12.1 - '.tiff' Parsing Use-After-Free

text exploit Source: Exploit-DB 
#####################################################################################

Application:   Adobe Photoshop 12.1 Tiff Parsing Use-After-Free

Platforms:   Windows

{PRL}:   2012-07

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch


#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC


#####################################################################################

===============
1) Introduction
===============

 

Adobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated.

Adobe's 2003 "Creative Suite" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS.

Thus, Adobe Photoshop CS5 is the 12th major release of Adobe Photoshop. The CS rebranding also resulted

in Adobe offering numerous software packages containing multiple Adobe programs for a reduced price.

Adobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, with the

Extended having extra 3D image creation, motion graphics editing, and advanced image analysis features.[6]

Adobe Photoshop Extended is included in all of Adobe's Creative Suite offerings except Design Standard,

which includes the Adobe Photoshop edition. Alongside Photoshop and Photoshop Extended, Adobe also

publishes Photoshop Elements and Photoshop Lightroom, collectively called "The Adobe Photoshop Family".

In 2008, Adobe released Adobe Photoshop Express, a free web-based image editing tool to edit photos directly

on blogs and social networking sites; in 2011 a version was released for the Android operating system and the

iOS operating system.[7][8] Adobe only supports Windows and Macintosh versions of Photoshop, but using Wine,

Photoshop CS5 can run well on Linux

 

(http://en.wikipedia.org/wiki/Adobe_Photoshop)

#####################################################################################

============================
2) Report Timeline
============================

2011-09-20  Vulnerability reported to Adobe
2012-03-20  Publication of this advisory (180 days after reporting to the vendor)


#####################################################################################

============================
3) Technical details
============================

 

The vulnerability is caused due to an error when processing Tiff file format image, which can be exploited to cause

a use-after-free by e.g. tricking a user into opening a specially crafted file.

 


#####################################################################################

===========
4) POC
===========

http://www.protekresearchlab.com/exploits/PRL-2012-07.tif
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19338.tif

Application impact
VendorProductVersionsFixed
adobe adobephotoshop
adobe adobephotoshop2.5
adobe adobephotoshop3.0
adobe adobephotoshop4.0
adobe adobephotoshop5.0
adobe adobephotoshop6.0
adobe adobephotoshop6.0.1
adobe adobephotoshop7.0
adobe adobephotoshop7.0.1
adobe adobephotoshop8.0
adobe adobephotoshop9.0
adobe adobephotoshop9.0.1
adobe adobephotoshop9.0.2
adobe adobephotoshop10.0
adobe adobephotoshop10.0.1
adobe adobephotoshop11.0
adobe adobephotoshop11.0.1
adobe adobephotoshop11.0.2
adobe adobephotoshop11.0.4
adobe adobephotoshop12.0.0
adobe adobephotoshop12.0.1
adobe adobephotoshop12.0.2
adobe adobephotoshop12.0.3
adobe adobephotoshop12.0.4
adobe adobephotoshop_cs411.0
adobe adobephotoshop_cs5.5{"endIncluding":"12.0"}

References

CWEs

CWE-399

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.