Trend Micro Security

Adobe Illustrator Encapsulated Postscript File Remote Buffer Overflow Vulnerability

  CVE識別番号: CVE-2009-4195
  情報公開日: 12 17, 2009

  概要

Trend Micro advises users about an existing vulnerability in Adobe Illustrator. The exploit happens when the said application fails to successfully parse comments from EPS (Encapsulated PostScript) files, leading to a buffer overflow.

Once the vulnerability is successfully exploited, attackers can be allowed to execute arbitrary code on the compromised system, allowing them to gain complete control of it.

  トレンドマイクロの対策

For Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF) please refer to filter identifier(s) specific to this advisory's vulnerability identifiers. For patch information and suggested workarounds, users are advised to refer to this Adobe webpage: http://www.adobe.com/support/security/advisories/apsa09-06.html

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003864

  影響を受けるソフトウェア

  • Adobe Illustrator CS4 (14.0.0)
  • Adobe Illustrator CS3 (13.0.3 and earlier)