CVE-2016-0951

CRITICAL

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0952 and CVE-2016-0953.

Published: Feb 10, 2016 Modified: May 6, 2026

CWE-119

CVSS Metrics

CVSSv3

Attack Vector: NETWORK Attack Complexity: LOW Privileges Required: NONE User Interaction: NONE Scope: UNCHANGED Confidentiality Impact: HIGH Integrity Impact: HIGH Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products (2)

Vendor	Product	Version
adobe	bridge_cc	*
adobe	photoshop_cc	*

GitHub Security Advisory GHSA-3j54-7r73-qgxr

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2...

References (6)

http://www.securitytracker.com/id/1034979
https://helpx.adobe.com/security/products/photoshop/apsb16-03.html Patch, Vendor Advisory
https://www.exploit-db.com/exploits/39429/
http://www.securitytracker.com/id/1034979
https://helpx.adobe.com/security/products/photoshop/apsb16-03.html Patch, Vendor Advisory
https://www.exploit-db.com/exploits/39429/

Risk Scores

CVSS Score 9.8 / 10

EPSS Score 17.55%

Top 5% most likely to be exploited

Threat Score 44.5 / 100

Data Sources

NVD EPSS GitHub