CVE-2015-3110

Adobe Photoshop CC < 16.0 and Bridge CC < 6.11 - Remote Code Execution

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-3110. PoCs published by Francis Provencher.

AI-analyzed exploit summary The document describes a memory corruption vulnerability in Adobe Photoshop CC 2014 and Bridge CC 2014 due to improper handling of crafted GIF files with invalid 'ImageLeftPosition' values. It includes a timeline and references to PoC files but does not contain executable exploit code.

Description

Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Francis Provencher · textdoswindows
https://www.exploit-db.com/exploits/37347

The document describes a memory corruption vulnerability in Adobe Photoshop CC 2014 and Bridge CC 2014 due to improper handling of crafted GIF files with invalid 'ImageLeftPosition' values. It includes a timeline and references to PoC files but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Photoshop CC 2014, Adobe Bridge CC 2014
No auth needed
Prerequisites: User interaction to open a malicious GIF file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032659
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75243
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032658

Scores

EPSS 0.1652
EPSS Percentile 96.6%

Details

CWE
CWE-189
Status published
Products (2)
adobe/bridge < 6.1
adobe/photoshop_cc < 15.2.2
Published Jun 24, 2015
Tracked Since Feb 18, 2026