Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
History

Wed, 04 Dec 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe illustrator
Apple
Apple macos
Microsoft
Microsoft windows
CPEs cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Adobe
Adobe illustrator
Apple
Apple macos
Microsoft
Microsoft windows

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-05-16T08:08:48.447Z

Updated: 2024-08-01T22:06:35.687Z

Reserved: 2023-12-04T16:52:22.991Z

Link: CVE-2024-20791

cve-icon Vulnrichment

Updated: 2024-08-01T22:06:35.687Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-16T09:15:08.967

Modified: 2024-12-04T22:39:52.703

Link: CVE-2024-20791

cve-icon Redhat

No data.