Severity
Medium
Analysis Summary
CVE-2025-47120 CVSS:5.5
Adobe Framemaker is vulnerable to a stack-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2025-47119 CVSS:5.5
Adobe Framemaker vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2025-49524 CVSS:5.5
Adobe Illustrator is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2025-49525 CVSS:5.5
Adobe Illustrator could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2025-30313 CVSS:5.5
Adobe Illustrator could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Buffer Overflow
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-47120
CVE-2025-47119
CVE-2025-49524
CVE-2025-49525
CVE-2025-30313
Affected Vendors
- Adobe
Affected Products
- Adobe Framemaker 2022 - Rel Update 6
- Adobe Framemaker 2020 - Rel Update 8
- Adobe Illustrator - 29.5.1
- Adobe Illustrator - 28.7.6
Remediation
Refer to Adobe Security Bulletin for patch, upgrade, or suggested workaround information.