PT-2021-3411 · Adobe · Illustrator

Published

2021-05-11

Updated

2021-07-06

CVE-2021-21101

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Illustrator version 25.2 and earlier

Description The issue is related to an Out-of-bounds Write vulnerability when parsing a specially crafted file, which could allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Exploitation requires user interaction, such as opening a malicious file. The vulnerability can be exploited using a specially crafted PDF file, allowing a remote attacker to execute arbitrary code on the target system.

Recommendations For Adobe Illustrator version 25.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2021-03262

CVE-2021-21101

ZDI-21-581

Affected Products

Illustrator

PT-2021-3411 · Adobe · Illustrator

CVE-2021-21101

Weakness Enumeration

Related Identifiers

Affected Products

References · 6