CVE-2015-3110

critical

Published 2015-06-24 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — https://helpx.adobe.com/security/products/photoshop/apsb15-12.html

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — https://helpx.adobe.com/security/products/bridge/apsb15-13.html

OS impact

OS	Version	Status	Fixed in
macos		not-affected

Application impact

Vendor	Product	Versions	Fixed
adobe	photoshop_cc	`{"endIncluding":"15.2.2"}`
adobe	bridge	`{"endIncluding":"6.1"}`

References

http://www.securityfocus.com/bid/75243
http://www.securitytracker.com/id/1032658
http://www.securitytracker.com/id/1032659
https://helpx.adobe.com/security/products/bridge/apsb15-13.html
https://helpx.adobe.com/security/products/photoshop/apsb15-12.html
http://www.securityfocus.com/bid/75243
http://www.securitytracker.com/id/1032658
http://www.securitytracker.com/id/1032659
https://helpx.adobe.com/security/products/bridge/apsb15-13.html
https://helpx.adobe.com/security/products/photoshop/apsb15-12.html

CWEs

CWE-189

Verify integrity in audit chain (admin only). AS-IS.