All intelligence
// vulnerability record
live · NVDCVE-2025-24448
MEDIUMpublished 2025-03-11 18:15 UTC · 1 year ago · modified 2026-06-17 08:59 UTC
5.5
CVSS / 10
// description
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
// cvss 3.1 vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
// weaknesses (CWE)
- CWE-125