Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Wed, 04 Dec 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe illustrator Apple Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Adobe
Adobe illustrator Apple Apple macos Microsoft Microsoft windows |
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-05-16T08:08:48.447Z
Updated: 2024-08-01T22:06:35.687Z
Reserved: 2023-12-04T16:52:22.991Z
Link: CVE-2024-20791
Vulnrichment
Updated: 2024-08-01T22:06:35.687Z
NVD
Status : Analyzed
Published: 2024-05-16T09:15:08.967
Modified: 2024-12-04T22:39:52.703
Link: CVE-2024-20791
Redhat
No data.