Out-of-Bounds Read Vulnerability in Adobe Illustrator
CVE-2025-24448
5.5MEDIUM
Summary
Adobe Illustrator is impacted by an out-of-bounds read vulnerability that may allow attackers to disclose sensitive memory contents. Exploitation of this vulnerability necessitates user interaction, as it requires the victim to open a crafted malicious file. This weakness can also enable attackers to circumvent security measures like Address Space Layout Randomization (ASLR), posing a significant risk to user data and system integrity.
Affected Version(s)
Illustrator 0 <= 28.7.4
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved