Lucene search
Tran Van Khang \xe2\x80\x93 khangkito (VinCSS)ZDI-21-581HistoryMay 13, 2021 - 12:00 a.m.
Adobe Illustrator TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-05-1300:00:00
Tran Van Khang \xe2\x80\x93 khangkito (VinCSS)
www.zerodayinitiative.com
27
0.005 Low
EPSS
Percentile
76.5%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of embedded fonts. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cve
cve
CVE-2021-21101
2021-06-28 14:15:09
cvelist
cvelist
prion
prion
Cross site scripting
2021-06-28 14:15:00
nvd
nvd
CVE-2021-21101
2021-06-28 14:15:09
thn
thn
Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild
2021-05-12 05:41:00
nessus
nessus
Adobe Illustrator CC < 25.2.3 Multiple Vulnerabilities (APSB21-24)
2021-05-13 00:00:00
adobe
adobe
APSB21-24 Security update available for Adobe Illustrator
2021-05-11 00:00:00
openvas
openvas
Adobe Illustrator Multiple Vulnerabilities (APSB21-24) - Windows
2022-09-27 00:00:00
qualysblog
qualysblog