HTTP: Adobe Illustrator EPS File DSC Comment Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in Adobe Illustrator software. It is due to a boundary error while parsing Encapsulated Postscript (.eps) files containing an overly long DSC comment value. Remote attackers can exploit this by enticing target users to open a crafted EPS file with a vulnerable version of the affected product. A successful attack can result in arbitrary code execution with the privileges of the logged in user. In an unsuccessful attack, the behavior of the vulnerable application appears unchanged.
Extended Description
Adobe Illustrator is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Encapsulated PostScript file. Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects Illustrator CS4 14.0.0 and CS3 13.0.0; other versions may also be affected.
Affected Products
Adobe illustrator
Short Name
HTTP:STC:DL:EPS-DSC-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe Buffer CVE-2009-4195 Comment DSC EPS File Illustrator Overflow bid:37192
Release Date
01/13/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Adobe
CVSS Score
9.3