9.3

CVE-2009-4195

Exploit
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeIllustrator Version13.0.0 Updatecs4
AdobeIllustrator Version14.0.0 Updatecs4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 70.68% 0.993
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://blogs.adobe.com/psirt/2009/12/potential_adobe_illustrator_cs.html
http://osvdb.org/60632
http://retrogod.altervista.org/9sg_adobe_illuso.html
Exploit
http://secunia.com/advisories/37563
Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb10-01.html
http://www.securityfocus.com/archive/1/508175/100/0/threaded
http://www.securityfocus.com/bid/37192
Exploit
http://www.securitytracker.com/id?1023276
http://www.vupen.com/english/advisories/2009/3396
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54521