CVE-2022-23187
published 2022-03-11CVE-2022-23187: Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Illustrator.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | illustrator | >= 25.0 < 25.4.5 | 25.4.5 |
| adobe | illustrator | >= 26.0 < 26.1.0 | 26.1.0 |
| adobe | illustrator | unspecified – 26.0.3 | — |