CVE-2024-34137

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2024

Updated: Aug 15, 2024

CWE ID 476

Summary

CVE-2024-34137 is a newly disclosed vulnerability that affects Adobe Illustrator versions 28.5 and 27.9.4, as well as older releases. This issue involves a NULL Pointer Dereference (NULLPD) vulnerability, which an attacker can utilize to trigger a denial-of-service (DoS) condition in the application. By crafting and opening a malicious file, the attacker can force the Illustrator software to crash, resulting in a DoS scenario. It is crucial for users to update their software to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Illustrator

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vso-Uz
https://www.cve.org/CVERecord?id=CVE-2024-34137
https://nvd.nist.gov/vuln/detail/CVE-2024-34137

Back to Vulnerability Database