Juniper Networks
Signature Detail

Short Name: HTTP:STC:DL:EPS-DSC-BOF
Severity: High
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Adobe Illustrator EPS File DSC Comment Buffer Overflow
Release Date: 2011/01/13
Update Number: 1848
Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Illustrator EPS File DSC Comment Buffer Overflow


This signature detects attempts to exploit a known buffer overflow vulnerability in Adobe Illustrator software. The vulnerability is due to a boundary error while parsing Encapsulated PostScript (.eps) files containing an overly long DSC comment value. Remote attackers can exploit this by enticing target users to open a crafted EPS file with a vulnerable version of the affected product. A successful attack can result in arbitrary code execution with the privileges of the logged-in user. In an unsuccessful attack, the behavior of the vulnerable application appears unchanged.

Extended Description

Adobe Illustrator is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Encapsulated PostScript file. Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects Illustrator CS4 14.0.0 and CS3 13.0.0; other versions may also be affected.
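
As an added example (not Juniper's signature logic and not code from this page), a defender can triage EPS files by flagging DSC comment lines that exceed the 255-character line limit in Adobe's DSC specification. The threshold, the function names and the sample bytes are assumptions constructed for illustration.

```python
import re
import struct

# Assumption: 255 bytes is the line-length limit from Adobe's DSC 3.0
# specification, not a threshold published with this signature.
DSC_MAX_LINE = 255
DOS_EPS_MAGIC = b"\xc5\xd0\xd3\xc6"  # binary header some EPS files carry
_EOL = re.compile(rb"\r\n|\r|\n")


def postscript_section(data):
    """Return the PostScript part of an EPS file, unwrapping a DOS binary header."""
    if data[:4] == DOS_EPS_MAGIC and len(data) >= 12:
        offset, length = struct.unpack_from("<II", data, 4)
        return data[offset:offset + length]
    return data


def find_long_dsc_comments(data, limit=DSC_MAX_LINE):
    """List (line_no, keyword, length) for DSC comment lines longer than limit."""
    findings = []
    lines = _EOL.split(postscript_section(data))
    for line_no, line in enumerate(lines, start=1):
        # DSC comments start with %% (or %! for the header line).
        if line.startswith((b"%%", b"%!")) and len(line) > limit:
            keyword = re.split(rb"[:\s]", line, maxsplit=1)[0]
            findings.append((line_no, keyword.decode("latin-1"), len(line)))
    return findings


# Constructed sample inputs (not taken from any real file).
SAMPLE_OK = (b"%!PS-Adobe-3.0 EPSF-3.0\n%%BoundingBox: 0 0 100 100\n"
             b"%%Title: logo\n%%EndComments\n")
SAMPLE_LONG = SAMPLE_OK.replace(b"logo", b"A" * 600)
# Same content wrapped in a 30-byte DOS EPS binary header.
SAMPLE_WRAPPED = struct.pack("<4sIIIIIIH", DOS_EPS_MAGIC, 30, len(SAMPLE_LONG),
                             0, 0, 0, 0, 0xFFFF) + SAMPLE_LONG

if __name__ == "__main__":
    for name, blob in [("ok", SAMPLE_OK), ("long", SAMPLE_LONG),
                       ("wrapped", SAMPLE_WRAPPED)]:
        print(name, find_long_dsc_comments(blob))
```

A hit means the file violates the DSC line-length convention and deserves a closer look before it reaches a vulnerable Illustrator version; it is not proof of an exploit attempt.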

Affected Products

  • Adobe Illustrator CS3
  • Adobe Illustrator CS4

References

  • BugTraq: 37192
  • CVE: CVE-2009-4195
