CVE-2016-0951

CRITICAL

Adobe Photoshop CC <15.2.4 & Bridge CC <6.2 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-0951. PoCs published by Francis Provencher.

AI-analyzed exploit summary This is a writeup describing a memory corruption vulnerability in Adobe Photoshop CC and Bridge CC due to malformed PNG file parsing. The vulnerability allows remote code execution when a user opens a malicious PNG file with an invalid uint32 Length field.

Description

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0952 and CVE-2016-0953.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Francis Provencher · textdoswindows
https://www.exploit-db.com/exploits/39429

This is a writeup describing a memory corruption vulnerability in Adobe Photoshop CC and Bridge CC due to malformed PNG file parsing. The vulnerability allows remote code execution when a user opens a malicious PNG file with an invalid uint32 Length field.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Photoshop CC 16.1.1 (2015.1.1) and earlier, Adobe Bridge CC 6.1.1 and earlier
No auth needed
Prerequisites: User interaction to open a malicious PNG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/photoshop/apsb16-03.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034979
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39429/

Scores

CVSS v3 9.8
EPSS 0.1755
EPSS Percentile 95.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
adobe/bridge_cc < 6.1
adobe/photoshop_cc < 16.1.1
Published Feb 10, 2016
Tracked Since Feb 18, 2026