Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
History

Tue, 21 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe illustrator
CPEs cpe:2.3:a:adobe:illustrator:*:*:*:*:*:ipad_os:*:*
Vendors & Products Adobe
Adobe illustrator

Tue, 14 Jan 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 14 Jan 2025 19:15:00 +0000

Type Values Removed Values Added
Description Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Title Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
Weaknesses CWE-191
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2025-01-14T19:05:26.082Z

Updated: 2025-01-24T04:56:17.622Z

Reserved: 2024-12-04T17:19:21.474Z

Link: CVE-2025-21133

cve-icon Vulnrichment

Updated: 2025-01-14T20:36:54.722Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-14T19:15:34.187

Modified: 2025-01-21T17:49:17.330

Link: CVE-2025-21133

cve-icon Redhat

No data.