CVE-2022-44500: Adobe Illustrator Out-of-Bound Read Memory leak
First published: Tue Dec 13 2022(Updated: )
Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Illustrator | <=26.5.1 | |
| Adobe Illustrator | =27.0 | |
| Apple macOS | ||
| Microsoft Windows | ||
| All of | ||
| Any of | ||
| Adobe Illustrator | <=26.5.1 | |
| Adobe Illustrator | =27.0 | |
| Any of | ||
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-44500 vulnerability?
CVE-2022-44500 is an out-of-bounds read vulnerability in Adobe Illustrator versions 26.5.1 and earlier, and 27.0 and earlier, that could lead to disclosure of sensitive memory.
What is the severity of CVE-2022-44500?
The severity of CVE-2022-44500 vulnerability is rated as medium, with a severity value of 5.5.
How can CVE-2022-44500 be exploited?
An attacker can exploit CVE-2022-44500 by leveraging the out-of-bounds read vulnerability to bypass mitigations such as ASLR.
Which software versions are affected by CVE-2022-44500?
Adobe Illustrator versions 26.5.1 and earlier, as well as version 27.0 and earlier, are affected by CVE-2022-44500.
Is Apple macOS or Microsoft Windows affected by CVE-2022-44500?
No, Apple macOS and Microsoft Windows are not vulnerable to CVE-2022-44500.
How can I mitigate the CVE-2022-44500 vulnerability?
To mitigate the CVE-2022-44500 vulnerability, it is recommended to update Adobe Illustrator to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2022-44500?
You can find more information about CVE-2022-44500 on Adobe's official security advisory page: https://helpx.adobe.com/security/products/illustrator/apsb22-60.html
- collector/nvd-index
- agent/type
- agent/remedy
- agent/weakness
- agent/references
- agent/severity
- agent/title
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/adobe
- canonical/adobe illustrator
- version/adobe illustrator/26.5.1
- version/adobe illustrator/27.0
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows