CVE-2022-23188

Name of the Vulnerable Software and Affected Versions Adobe Illustrator versions 25.4.3 and earlier Adobe Illustrator versions 26.0.2 and earlier

Description The issue is related to a buffer overflow vulnerability due to insecure handling of crafted malicious files, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability can be exploited when a victim opens a malicious file in the software, requiring user interaction. The vulnerability is also associated with the insecure handling of files in the PICT graphic format, allowing an attacker to execute arbitrary code.

Recommendations For Adobe Illustrator versions 25.4.3 and earlier, update to a version later than 25.4.3 to resolve the issue. For Adobe Illustrator versions 26.0.2 and earlier, update to a version later than 26.0.2 to resolve the issue. As a temporary workaround, consider avoiding the use of files in the PICT graphic format until a patch is available. Restrict access to potentially malicious files to minimize the risk of exploitation.