Lucene search
AdobeCVE-2024-43758HistorySep 13, 2024 - 9:15 a.m.
CVE-2024-43758
2024-09-1309:15:11
CWE-416
adobe
web.nvd.nist.gov
23
illustrator
use after free
vulnerability
arbitrary code execution
user interaction
malicious file
cve-2024-43758
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.6%
Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected configurations
Node
adobeillustratorRange27.0.0–27.9.6
ORadobeillustratorRange28.0–28.7.1
applemacosMatch-
ORmicrosoftwindowsMatch-
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Illustrator",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "27.9.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-43758
2024-09-13 09:15:11
cvelist
cvelist
CVE-2024-43758 Illustrator | Use After Free (CWE-416)
2024-09-13 08:37:30
vulnrichment
vulnrichment
CVE-2024-43758 Illustrator | Use After Free (CWE-416)
2024-09-13 08:37:30
nessus
nessus
adobe
adobe
APSB24-66 : Security update available for Adobe Illustrator
2024-09-10 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.6%
Related for CVE-2024-43758