CVE-2015-3112

Adobe Photoshop CC <16.0 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-3112. PoCs published by Francis Provencher.

AI-analyzed exploit summary The document describes a memory corruption vulnerability in Adobe Photoshop CC 2014 and Bridge CC 2014 due to improper handling of oversized 'Length' values in PNG chunk structures. Exploitation requires user interaction to open a malicious PNG file, potentially leading to arbitrary code execution.

Description

Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Francis Provencher · textdoswindows
https://www.exploit-db.com/exploits/37348

The document describes a memory corruption vulnerability in Adobe Photoshop CC 2014 and Bridge CC 2014 due to improper handling of oversized 'Length' values in PNG chunk structures. Exploitation requires user interaction to open a malicious PNG file, potentially leading to arbitrary code execution.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Photoshop CC 2014, Adobe Bridge CC 2014
No auth needed
Prerequisites: User interaction to open a malicious PNG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032659
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75245
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032658

Scores

EPSS 0.1429
EPSS Percentile 96.1%

Details

CWE
CWE-119
Status published
Products (2)
adobe/bridge < 6.1
adobe/photoshop_cc < 15.2.2
Published Jun 24, 2015
Tracked Since Feb 18, 2026