CVE-2012-2023
critical
CVSS v3
—
CVSS v2
10.0
VIR risk
10.0
Description
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@adobe.com — http://www.adobe.com/support/security/bulletins/apsb12-10.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | illustrator | 7.0 | |
| adobe | illustrator | 8.0 | |
| adobe | illustrator | 9.0 | |
| adobe | illustrator | 10.0 | |
| adobe | illustrator | 11.0 | |
| adobe | illustrator | 11.0.1 | |
| adobe | illustrator | 12.0.0 | |
| adobe | illustrator | 13.0 | |
| adobe | illustrator | 13.0.1 | |
| adobe | illustrator | 13.0.2 | |
| adobe | illustrator | 13.0.3 | |
| adobe | illustrator | 14.0 | |
| adobe | illustrator | 15.0 | |
| adobe | illustrator_cs5.5 | {"endIncluding":"15"} | |
References
- http://www.adobe.com/support/security/bulletins/apsb12-10.html
- http://www.securityfocus.com/bid/53422
- http://www.securitytracker.com/id?1027047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75446
- http://www.adobe.com/support/security/bulletins/apsb12-10.html
- http://www.securityfocus.com/bid/53422
- http://www.securitytracker.com/id?1027047
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75446
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.