Out-of-Bounds Write Vulnerability in Adobe Illustrator by Adobe
CVE-2024-47451

7.8HIGH

Key Information:

Vendor: Adobe
Status: Illustrator
Vendor: CVE Published:; 12 November 2024

Summary

Adobe Illustrator versions prior to 28.7.1 are susceptible to an out-of-bounds write vulnerability, which may lead to arbitrary code execution under the privileges of the current user. The exploitation of this vulnerability necessitates user interaction, as a targeted user must open a specifically crafted malicious file for the exploit to succeed. It is crucial for users of affected versions to remain vigilant and only open files from trusted sources to mitigate the risk associated with this security flaw.

References

https://helpx.adobe.com/security/products/illustrator/aps...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024