Unrated severityNVD Advisory· Published Jun 19, 2014· Updated May 6, 2026

CVE-2012-2052

Description

Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element.

Affected products

Adobe Inc./Photoshop Cs5.1
cpe:2.3:a:adobe:photoshop_cs5.1:12.1:*:*:*:*:*:*:*
Adobe Inc./Photoshop Cs55 versions
cpe:2.3:a:adobe:photoshop_cs5:12.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:adobe:photoshop_cs5:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop_cs5:12.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop_cs5:12.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop_cs5:12.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:photoshop_cs5:12.0.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

retrogod.altervista.org/9sg_photoshock_adv.htmnvdExploit
retrogod.altervista.org/9sg_photoshock_u3d.htmnvdExploit
seclists.org/bugtraq/2012/May/58nvdExploit
www.securityfocus.com/bid/53464nvdExploit
www.adobe.com/support/security/bulletins/apsb12-11.htmlnvdVendor Advisory
osvdb.org/show/osvdb/81832nvd
secunia.com/advisories/49160nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.046
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000