Total
82 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-21102 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-21101 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
Adobe Illustrator version 25.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-21053 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-02-17 | 9.3 HIGH | 7.8 HIGH |
Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2021-21007 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-01-19 | 6.8 MEDIUM | 7.0 HIGH |
Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2020-24409 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2020-11-10 | 6.8 MEDIUM | 7.8 HIGH |
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
CVE-2020-24411 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2020-11-10 | 6.8 MEDIUM | 7.8 HIGH |
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
CVE-2020-24410 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2020-11-10 | 6.8 MEDIUM | 7.8 HIGH |
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit. | |||||
CVE-2020-9642 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2020-06-29 | 9.3 HIGH | 7.8 HIGH |
Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2006-0525 | 1 Adobe | 9 Acrobat, Acrobat Reader, Creative Suite and 6 more | 2018-10-19 | 4.6 MEDIUM | N/A |
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. | |||||
CVE-2010-3152 | 1 Adobe | 1 Illustrator | 2018-10-10 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or aires.dll that is located in the same folder as an .ait or .eps file. | |||||
CVE-2009-4195 | 1 Adobe | 1 Illustrator | 2018-10-10 | 9.3 HIGH | N/A |
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2012-0780 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-12-04 | 10.0 HIGH | N/A |
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. | |||||
CVE-2007-2244 | 1 Adobe | 3 Golive, Illustrator, Photoshop | 2017-10-10 | 9.3 HIGH | N/A |
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file. | |||||
CVE-2007-2365 | 1 Adobe | 4 Golive, Illustrator, Photoshop and 1 more | 2017-10-10 | 9.3 HIGH | N/A |
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | |||||
CVE-2012-2025 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-08-28 | 10.0 HIGH | N/A |
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2026. | |||||
CVE-2012-2023 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-08-28 | 10.0 HIGH | N/A |
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. | |||||
CVE-2012-2024 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-08-28 | 10.0 HIGH | N/A |
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2025, and CVE-2012-2026. | |||||
CVE-2012-2026 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2017-08-28 | 10.0 HIGH | N/A |
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2025. | |||||
CVE-2008-3961 | 1 Adobe | 1 Illustrator | 2017-08-07 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macintosh allow user-assisted attackers to execute arbitrary code via a crafted AI file. | |||||
CVE-2014-0513 | 1 Adobe | 1 Illustrator | 2014-05-14 | 10.0 HIGH | N/A |
Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors. |