CVE-2021-21103

MEDIUM

Adobe Illustrator <25.2 - Memory Corruption

Title source: llm

Description

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References (1)

[Vendor Advisory] https://helpx.adobe.com/security/products/illustrator/apsb21-24.html

Scores

CVSS v3 4.3

EPSS 0.0049

EPSS Percentile 65.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE

CWE-787 CWE-788

Status published

Products (1)

adobe/illustrator < 25.2

Published Sep 08, 2021

Tracked Since Feb 18, 2026