Adobe Security Bulletin

Security hotfix available for Adobe Illustrator (CS6)

Release date: May 13, 2014

Vulnerability identifier: APSB14-11

Priority: See table below

CVE number: CVE-2014-0513

Platform: Windows and Macintosh

Summary

Adobe has released a security hotfix for Adobe Illustrator (CS6) for Windows and Macintosh. This hotfix addresses a vulnerability that could be exploited to gain remote code execution on the affected system. Adobe recommends users update their product installations using the instructions provided in the “Solution” section below.

Affected software versions

  • Adobe Illustrator for CS6 version 16.2.0 and earlier for Windows (subscription)
  • Adobe Illustrator for CS6 version 16.2.1 and earlier for Macintosh (subscription)
  • Adobe Illustrator for CS6 version 16.0.3 and earlier for Windows (non-subscription)
  • Adobe Illustrator for CS6 version 16.0.4 and earlier for Macintosh (non-subscription)

Solution

Adobe recommends users update their software installations by following these instructions:

Letöltés

Priority and severity ratings

Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:

Product Updated version Platform Priority rating
Adobe Illustrator (subscription) 16.2.2 Windows 3
Adobe Illustrator (non-subscription) 16.0.5 Windows 3
Adobe Illustrator (subscription) 16.2.2 Macintosh 3
Adobe Illustrator (non-subscription) 16.0.5 Macintosh 3

These updates address a critical vulnerability in the software.

Details

Adobe has released a security hotfix for Adobe Illustrator (CS6) for Windows and Macintosh. This hotfix addresses a vulnerability that could be exploited to gain remote code execution on the affected system. Adobe recommends users update their product installations using the instructions provided in the “Solution” section above.

These updates resolve a stack overflow vulnerability that could result in arbitrary code execution (CVE-2014-0513).

Acknowledgments

Adobe would like to thank Noam Rathaus (CVE-2014-0513) for reporting this issue and for working with Adobe to help protect our customers.