19 matches found
CVE-2024-20798
Adobe Illustrator CVE-2024-20798 affects versions 28.3, 27.9.2 and earlier, due to an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires opening a malicious file. The issue is addressed by the APSB24-25 update; remediation is to upgrade to non-affected versions (e....
CVE-2024-20791
CVE-2024-20791 affects Adobe Illustrator versions 28.4, 27.9.3 and earlier, due to an out-of-bounds read when parsing a crafted file, which could allow code execution in the current user’s context. Exploitation requires user interaction (opening a malicious file). Connected documents also indicat...
CVE-2024-49538
CVE-2024-49538 (Adobe Illustrator) is an out-of-bounds write vulnerability affecting Illustrator versions 29.0.0, 28.7.2 and earlier, with arbitrary code execution in the context of the current user. Exploitation requires a user to open a malicious file (user interaction). Multiple sources confir...
CVE-2024-47456
CVE-2024-47456 affects Adobe Illustrator versions 28.7.1 and earlier. The issue is an out-of-bounds read that could disclose sensitive memory and potentially bypass mitigations such as ASLR. Exploitation requires user interaction; a victim must open a crafted malicious file. Connected sources cor...
CVE-2024-30271
Adobe Illustrator is affected by CVE-2024-30271 and related CVEs (30272, 30273, 20798) as part of APSB24-25. The issues are characterized as out-of-bounds write, stack-based buffer overflow, and out-of-bounds read vulnerabilities in Illustrator versions 28.3, 27.9.2 and earlier, allowing arbitrar...
CVE-2024-20792
Adobe Illustrator CVE-2024-20792 is a Use-After-Free vulnerability affecting Illustrator 28.4, 27.9.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The issue is documented across mult...
CVE-2024-30273
CVE-2024-30273 (Adobe Illustrator) affects Illustrator versions 28.3, 27.9.2 and earlier. The issue is a stack-based buffer overflow in PS file parsing that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). ...
CVE-2024-41857
Adobe Illustrator is affected by CVE-2024-41857 (Integer Underflow) in versions 28.6, 27.9.5 and earlier, enabling arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). Affected product/versions noted in multiple sources; advisory APSB2...
CVE-2024-20793
CVE-2024-20793 affects Adobe Illustrator versions 28.4, 27.9.3 and earlier, due to an out-of-bounds read that can disclose memory and bypass mitigations like ASLR. Exploitation requires user interaction (victim must open a malicious file). Public references consistently describe this as part of A...
CVE-2024-30272
CVE-2024-30272 affects Adobe Illustrator versions 28.3, 27.9.2 and earlier. It is an out-of-bounds write vulnerability that could lead to arbitrary code execution in the current user context . Exploitation requires user interaction (opening a malicious file). Connected sources also list related C...
CVE-2024-45114
Adobe Illustrator 28.7.1 and earlier suffers an out-of-bounds write (CWE-787) that can allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Affected platforms include Windows and macOS; vulnerability identif...
CVE-2024-49541
Adobe Illustrator is affected by CVE-2024-49541 (and related CVEs) describing an out-of-bounds read vulnerability in Illustrator 29.0.0, 28.7.2 and earlier that could disclose memory, and an out-of-bounds write vulnerability that could allow arbitrary code execution. Exploitation requires user in...
CVE-2024-47454
CVE-2024-47454 affects Adobe Illustrator up to version 28.7.1, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). The connected advisories indicate Adobe released fixes in APSB24-87 (update to 28...
CVE-2024-47455
Adobe Illustrator CVE-2024-47455 is an out-of-bounds read affecting versions 28.7.1 and earlier, enabling potential memory disclosure and ASLR bypass when a user opens a malicious file. Connected advisories indicate updates are available (APSB24-87); updating to 28.7.2 or newer mitigates these vu...
CVE-2024-47450
CVE-2024-47450 affects Adobe Illustrator up to version 28.7.1 and is a Heap-based Buffer Overflow that could allow arbitrary code execution in the context of the current user when a specially crafted file is opened. Exploitation requires user interaction (opening a malicious file). An official fi...
CVE-2024-47451
Adobe Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability (CVE-2024-47451) that could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a specially crafted file, with user interaction needed. Root...
CVE-2024-47453
CVE-2024-47453 affects Adobe Illustrator versions 28.7.1 and earlier, with an out-of-bounds read that could disclose sensitive memory and potentially bypass ASLR. Exploitation requires the victim to open a malicious file, and the issue is mitigated by the Adobe APSB24-87 updates (Illustrator 28.7...
CVE-2024-47457
Adobe Illustrator CVE-2024-47457 describes a NULL Pointer Dereference vulnerability in Illustrator
CVE-2024-47452
Adobe Illustrator 28.7.1 and earlier is affected by CVE-2024-47452, an out-of-bounds write that could execute arbitrary code in the context of the current user. Exploitation requires the user to open a crafted file. Affected versions should be updated to 28.7.2 or later per APSB24-87; advisories ...