Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-23-246HistoryMar 16, 2023 - 12:00 a.m.
Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability
2023-03-1600:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
14
adobe illustrator
font parsing
memory corruption
remote code execution
user interaction
embedded fonts
data validation
EPSS
0.005
Percentile
77.6%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of embedded fonts. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
nvd
nvd
CVE-2023-25859
2023-03-22 17:15:15
vulnrichment
vulnrichment
cve
cve
CVE-2023-25859
2023-03-22 17:15:15
prion
prion
Input validation
2023-03-22 17:15:00
cvelist
cvelist
openvas
openvas
Adobe Illustrator Multiple Vulnerabilities (APSB23-19) - Windows
2023-03-15 00:00:00
Adobe Illustrator Multiple Vulnerabilities (APSB23-19) - Mac OS X
2023-03-15 00:00:00
nessus
nessus
Adobe Illustrator < 27.3.1 Multiple Vulnerabilities (APSB23-19)
2023-03-14 00:00:00
Adobe Illustrator < 27.3.1 Multiple Vulnerabilities (APSB23-19) (macOS)
2023-10-16 00:00:00
adobe
adobe
APSB23-19 : Security update available for Adobe Illustrator
2023-03-14 00:00:00