Headline
CVE-2022-23199: Adobe Security Bulletin
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Security Updates Available for Adobe Illustrator | APSB22-07
Adobe has released an update for Adobe Illustrator 2022 and Adobe Illustrator 2021. This update resolves critical, important and moderate vulnerabilities that could lead to privilege escalation, application denial of service, and memory leak.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app’s update mechanism. For more information, please reference this help page.
Adobe would like to thank the following researcher for reporting these issues and for working with Adobe to help protect our customers:
Yonghui Han of Fortinet’s FortiGuard Labs - CVE-2022-23198, CVE-2022-23197, CVE-2022-23196, CVE-2022-23189, CVE-2022-23199, CVE-2022-23186
Kushal Arvind Shah of Fortinet’s FortiGuard Labs - CVE-2022-23195, CVE-2022-23194, CVE-2022-23193, CVE-2022-23192, CVE-2022-23191, CVE-2022-23190, CVE-2022-23188
For more information, visit https://helpx.adobe.com/security.html, or email [email protected]