In association with heise online

10 October 2007, 13:24

Security updates for Adobe GoLive 9 and Illustrator CS3

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Adobe has released updates for GoLive 9 and Illustrator CS3 which fix critical security vulnerabilities. According to Adobe, opening a crafted bmp, dib, png or rle file in Illustrator is sufficient to become infected with malicious code. In GoLive, this additionally requires the user to paste such a file into a GoLive document (an HTML file). The cause of the problem is a heap overflow when processing any of these file formats. Adobe had to contend with a similar problem in Photoshop CS2 and 3 back in April, following publication of a zero day exploit. It took until July for an update for Photoshop to be released.

Updates for Illustrator for Windows and Mac are already available. To date a complete update for GoLive is available for Windows only - the Apple version is still missing an updated plugin for png files. This should, however, be available soon. Until it is, Adobe is advising Mac users to deactivate the png plugin.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit