==================================================================== CERT-Renater Note d'Information No. 2020/VULN016 _____________________________________________________________________ DATE : 15/01/2020 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Adobe Illustrator CC versions prior to 24.0.2 ===================================================================== https://helpx.adobe.com/security/products/illustrator/apsb20-03.html _____________________________________________________________________ Security Updates Available for Adobe Illustrator CC | APSB20-03 +------------------------+----------------------------------+-----------------+ |Bulletin ID |Date Published |Priority | +------------------------+----------------------------------+-----------------+ |APSB20-03 |January 14, 2020 |3 | +------------------------+----------------------------------+-----------------+ Summary Adobe has released updates for Adobe Illustrator CC for Windows.This update resolves critical vulnerabilities that could lead toarbitrary code execution in the context of the current user. Affected Versions +----------------------+-------------------------+--------+ | Product | Version |Platform| +----------------------+-------------------------+--------+ |Illustrator CC2019 |24.0 and earlier versions|Windows | +----------------------+-------------------------+--------+ Solution Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app's update mechanism. For more information, please reference this helppage . +----------------------+---------+----------+----------+----------------------+ |Product |Version |Platform |Priority |Availability | +----------------------+---------+----------+----------+----------------------+ |Illustrator CC2019 |24.0.2 |Windows |3 |Download Page | +----------------------+---------+----------+----------+----------------------+ Vulnerability details +----------------------+---------------------------+---------+--------------+ |Vulnerability Category|Vulnerability Impact |Severity |CVE Numbers | +----------------------+---------------------------+---------+--------------+ | | | |CVE-2020-3710| | | | | | | | | |CVE-2020-3711| | | | | | |Memory Corruption |Arbitrary Code Execution |Critical |CVE-2020-3712| | | | | | | | | |CVE-2020-3713| | | | | | | | | |CVE-2020-3714| +----------------------+-------------------------+------+--------------+ Acknowledgments Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: o Honggang Ren of Fortinet's FortiGuard Labs. (CVE-2020-3710, CVE-2020-3711, CVE-2020-3712, CVE-2020-3713, CVE-2020-3714) ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================