Adobe Illustrator Encapsulated Postscript File Remote Buffer Overflow Vulnerability

Severity Rating: High

System Affected
Adobe Illustrator CS4 version 14.0.0
Adobe Illustrator CS3 version 13.0.3 and prio

A vulnerability has been reported in Adobe Illustrator CS4 and Adobe Illustrator CS3, which could allow a remote attacker to execute an arbitrary code.

This vulnerability is caused due to a memory corruption error when processing Encapsulated Postscript (.eps) files containing overly long data in Adobe Illustrator. A remote attacker could exploit this vulnerability by
tricking a user into opening a specially crafted Encapsulated Postscript Files (.eps) file with a long DSC Comment to trigger memory corruption error. Successful exploitation of this vulnerability could allow a remote
attacker to execute an arbitrary code.

Do not open .eps files from untrusted sources. Exercise caution while visiting websites Solution
Apply appropriate patches as mentioned in Adobe Security Bulletin APSA09-06

Vendor Information

VUPEN Security
CVE Name
CWE Name

The information provided herein is on “as is” basis, without warranty of any kind.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at

Up ↑

%d bloggers like this: