Release date: May 8, 2012
Vulnerability identifier: APSB12-10
Priority: 3
CVE numbers: CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, CVE-2012-2026
Platform: Windows and Macintosh
Adobe released a security upgrade for Adobe Illustrator CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.
Adobe has released Adobe Illustrator CS6, which addresses these vulnerabilities. For users who cannot upgrade to Adobe Illustrator CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.
Adobe Illustrator CS5.5 and earlier for Windows and Macintosh
Adobe has released Adobe Illustrator CS6 (paid upgrade), which addresses these vulnerabilities. For users who cannot upgrade to Adobe Illustrator CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.
Adobe categorizes this upgrade with the following priority rating:
|
Product
|
Updated Version
|
Platform
|
Priority Rating
|
|---|---|---|---|
| Adobe Illustrator | CS6 | Windows and Macintosh |
3
|
This upgrade addresses critical vulnerabilities in the software.
Adobe released a security upgrade for Adobe Illustrator CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Adobe is not aware of any attacks exploiting these vulnerabilities against Adobe Illustrator.
Adobe has released Adobe Illustrator CS6, which addresses these vulnerabilities. For users who cannot upgrade to Adobe Illustrator CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.
This upgrade resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-0780).
This upgrade resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-2023).
This upgrade resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-2024).
This upgrade resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-2025).
This upgrade resolves a memory corruption vulnerability that could lead to code execution (CVE-2012-2026).
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
