CVE-2009-4195 – Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-4195
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.

Buffer overflow in Adobe Illustrator CS4 v13.0.0 and v14.0.0 allows user-assisted remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.

• https://www.exploit-db.com/exploits/10281
• https://www.exploit-db.com/exploits/10344
• https://www.exploit-db.com/exploits/16669
• http://blogs.adobe.com/psirt/2009/12/potential_adobe_illustrator_cs.html
• http://osvdb.org/60632
• http://retrogod.altervista.org/9sg_adobe_illuso.html
• http://secunia.com/advisories/37563
• http://www.adobe.com/support/security/bulletins/apsb10-01.html
• http://www.securityfocus.com/archive/1/508175/100/0/threaded
• http://www.securityfocus.com/bid/37192
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2006-0525
https://notcve.org/view.php?id=CVE-2006-0525
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

• http://secunia.com/advisories/18698
• http://securitytracker.com/id?1015577
• http://securitytracker.com/id?1015578
• http://securitytracker.com/id?1015579
• http://www.adobe.com/support/techdocs/332644.html
• http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
• http://www.kb.cert.org/vuls/id/953860
• http://www.osvdb.org/22908
• http://www.securityfocus.com/archive/1/423587/100/0/threaded
• http://www.securityfocus.com/bid/16451
• http://www.vupen.com/english/advisories/2006/
• CWE-264: Permissions, Privileges, and Access Controls