PT-2024-8191 · Adobe · Illustrator

Published

2024-11-12

Updated

2024-11-14

CVE-2024-47450

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 28.7.1 and earlier

Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This allows an attacker to potentially execute arbitrary code using a specially crafted file.

Recommendations: For Adobe Illustrator versions 28.7.1 and earlier, update to a version later than 28.7.1 to resolve the issue. At the moment, there is no information about other mitigation measures for this specific vulnerability.

Fix

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

BDU:2024-09733

CVE-2024-47450

Affected Products

Illustrator

PT-2024-8191 · Adobe · Illustrator

CVE-2024-47450

Weakness Enumeration

Related Identifiers

Affected Products

References · 7