CVE-2024-47450: 
Adobe Illustrator vulnerability analysis and mitigation

CVE-2024-47450 is a Heap-based Buffer Overflow vulnerability affecting Adobe Illustrator versions 28.7.1 and earlier. The vulnerability was disclosed on November 12, 2024, affecting both Windows and macOS operating systems (NVD, Adobe Advisory).

The vulnerability is classified as a Heap-based Buffer Overflow (CWE-122) that could lead to arbitrary code execution in the context of the current user. The vulnerability has received a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The impact could be particularly severe for users operating with administrative privileges, potentially allowing an attacker to install programs, view or modify data, or create new accounts with full user rights (CIS Advisory).

Adobe has released version 28.7.2 of Illustrator to address this vulnerability. Users are advised to update to the latest version immediately after appropriate testing. Organizations should also apply the principle of least privilege and restrict administrator privileges to dedicated administrator accounts (Adobe Advisory).