CVE-2020-9639

CWE-787 — Out-of-bounds Write CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.8HIGH

EPSS

1.4%

top 19.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Illustrator Adobe Adobe Illustrator

Timeline

PublishedJun 25

Latest updateMay 24

Description

Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDadobe/illustrator24.1.2

▶CVEListV5adobe/adobe_illustrator24.1.2 and earlier versions

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-f689-w2xx-26rh: Adobe Illustrator versions 24↗2022-05-24

▶

CVEList

CVE-2020-9639: Adobe Illustrator versions 24↗2020-06-25

▶