Out-of-bounds Write Vulnerability in Adobe Illustrator
CVE-2024-47452

7.8HIGH

Key Information:

Vendor: Adobe
Status: Illustrator
Vendor: CVE Published:; 12 November 2024

Summary

Adobe Illustrator versions 28.7.1 and earlier are vulnerable to an out-of-bounds write issue. This vulnerability poses a significant risk as it can lead to arbitrary code execution within the context of the current user. Successful exploitation of this vulnerability necessitates user interaction because the targeted user must open a specially crafted malicious file. It highlights the importance of being cautious when handling files from untrusted sources to mitigate potential threats.

References

https://helpx.adobe.com/security/products/illustrator/aps...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024