Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe illustrator Apple Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:illustrator:29.0.0:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Adobe
Adobe illustrator Apple Apple macos Microsoft Microsoft windows |
Wed, 11 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 10 Dec 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Illustrator | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-12-10T20:20:34.787Z
Updated: 2024-12-17T04:55:26.225Z
Reserved: 2024-10-15T15:35:47.035Z
Link: CVE-2024-49541
Vulnrichment
Updated: 2024-12-11T14:40:10.267Z
NVD
Status : Analyzed
Published: 2024-12-10T21:15:16.793
Modified: 2024-12-18T15:17:34.523
Link: CVE-2024-49541
Redhat
No data.