Because of security issues in the Illustrator CS2 Macintosh version, an attacker who convinced a user to open a malicious AI file in Illustrator could exploit the issue and potentially cause code execution.
Adobe recommends that customers exercise caution when receiving unsolicited or suspicious files. Adobe is not aware of any information to indicate that this vulnerability has been publicly used to attack customers.
These issues do not affect Illustrator CS3 or the upcoming Illustrator CS4 release.
Adobe categorizes this as a critical issue and recommends that Illustrator CS2 Mac customers exercise caution when receiving unsolicited or suspicious AI files.
To read the advisory in its entirety, go to www.adobe.com/support/security/advisories.
This article was last modified on June 19, 2020
This article was first published on September 18, 2008
Commenting is easier and faster when you're logged in!
Leave a Reply
Reading this advisory sure leaves me with the impression that Adobe does not intend to issue a patch to fix this. I understand they have a standing policy against fixing bugs in previous-version applications, but a security risk? They should fix it. As much as they wish everyone would upgrade, there are many publishers and printers that, for many reasons, cannot always accept files from the very newest versions.