Adobe Photoshop up to 22.5.8/23.4.2 out-of-bounds

Summaryinfo

A vulnerability identified as problematic has been detected in Adobe Photoshop up to 22.5.8/23.4.2. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in out-of-bounds. This vulnerability is identified as CVE-2022-38431. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic has been found in Adobe Photoshop up to 22.5.8/23.4.2 (Image Processing Software). This affects some unknown functionality. The manipulation with an unknown input leads to a out-of-bounds vulnerability. CWE is classifying the issue as CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was released 09/13/2022. It is possible to read the advisory at helpx.adobe.com. This vulnerability is uniquely identified as CVE-2022-38431. It demands that the victim is doing some kind of user interaction. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 22.5.9 or 23.5.0 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Image Processing Software

Vendor

• Adobe

Name

• Photoshop

Version

• 22.5.0
• 22.5.1
• 22.5.2
• 22.5.3
• 22.5.4
• 22.5.5
• 22.5.6
• 22.5.7
• 22.5.8
• 23.4.0
• 23.4.1
• 23.4.2

License

• commercial

Website

• Vendor: https://www.adobe.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion