Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities

Bugtraq ID:	53422
Class:	Unknown
CVE:	CVE-2012-0780 CVE-2012-2023 CVE-2012-2024 CVE-2012-2025 CVE-2012-2026 CVE-2012-2042
Remote:	Yes
Local:	No
Published:	May 08 2012 12:00AM
Updated:	Jun 17 2012 12:03AM
Credit:	Felipe Andres Manzano, Justin Kim from Microsoft Malware Protection Center (MMPC) and Microsoft Vulnerability Research (MSVR), Tielei Wang from Georgia Tech Information Security Center via Secunia SVCRP.
Vulnerable:	Adobe Illustrator CS5.5 Adobe Illustrator CS5 Adobe Illustrator CS4 Adobe Illustrator CS3 Adobe Illustrator CS2 Adobe Illustrator CS
Not Vulnerable:	Adobe Illustrator CS5.5 15.1.1 Adobe Illustrator CS5 15.0.3 Adobe Illustrator CS6

Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities

Adobe Illustrator is prone to multiple memory-corruption vulnerabilities.

An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Adobe Illustrator CS5.5 and prior are vulnerable.

Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities

The following exploit is available:

• /data/vulnerabilities/exploits/53422.py

Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

Adobe Illustrator APSB12-10 Multiple Memory Corruption Vulnerabilities

References:

• Adobe Illustrator Homepage (Adobe)
  
• APSB12-10: Security Bulletin for Adobe Illustrator (Adobe)