Threat Research

Fortinet Security Researchers Discover Multiple Vulnerabilities in Adobe and Cisco Products

By Peixue Li | November 15, 2019

This past Patch Tuesday, November 12th, Adobe announced a number of Security Updates for Adobe Illustrator CC. They included two critical vulnerabilities that were originally discovered by Fortinet Threat Researcher Kushal Arvind Shah.

The week before, on Wednesday, November 6th, a number of  Security Updates were also released by Cisco Systems. They included five high risk vulnerabilities for their Cisco Webex Network Recording Player and Webex Player tools. These vulnerabilities were also discovered by Kushal Arvind Shah as well as Fortinet security researcher Yici Zhang.

All of these vulnerabilities have now been patched. More information about them, and the Fortinet solutions that address them, is included below:

CVE-2019-8247

This is a memory corruption vulnerability found in Adobe Illustrator CC. Specifically, the vulnerability is caused by a crafted PCT file which causes an out-of-bounds write memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious PCT file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Adobe.Illustrator.CVE-2019-8247.Memory.Corruption to proactively protect our customers.

CVE-2019-8248

This is a memory corruption vulnerability found in Adobe Illustrator CC. Specifically, the vulnerability is caused by a crafted TGA file which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious TGA file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Adobe.Illustrator.CVE-2019-8248.Memory.Corruption to proactively protect our customers.

CVE-2019-15283

This is a memory corruption vulnerability found in the Cisco Webex Network Recording Player and Webex Player. Specifically, the vulnerability is caused by a crafted ARF file due to insufficient validation of certain elements, which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious ARF file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Cisco.WebEx.CVE-2019-15283.Memory.Corruption to proactively protect our customers.

CVE-2019-15284

This is a memory corruption vulnerability found in the Cisco Webex Network Recording Player and Webex Player. Specifically, the vulnerability is caused by a crafted ARF file due to insufficient validation of certain elements, which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious ARF file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Cisco.WebEx.CVE-2019-15284.Memory.Corruption to proactively protect our customers.

CVE-2019-15285

This is a memory corruption vulnerability found in the Cisco Webex Network Recording Player and Webex Player. Specifically, the vulnerability is caused by a crafted ARF file due to insufficient validation of certain elements, which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious ARF file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Cisco.WebEx.CVE-2019-15285.Memory.Corruption to proactively protect our customers.

CVE-2019-15286

This is a memory corruption vulnerability found in the Cisco Webex Network Recording Player and Webex Player. Specifically, the vulnerability is caused by a crafted ARF file due to insufficient validation of certain elements, which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious ARF file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Cisco.WebEx.CVE-2019-15286.Memory.Corruption to proactively protect our customers.

CVE-2019-15287

This is a memory corruption vulnerability found in the Cisco Webex Network Recording Player and Webex Player. Specifically, the vulnerability is caused by a crafted ARF file due to insufficient validation of certain elements, which causes an out-of-bounds memory access. If exploited, it could lead to arbitrary code execution in the context of the current user.

An attacker could exploit this vulnerability by sending a user a malicious ARF file using a link or email attachment and then convincing the user to open the file with the affected software.

Fortinet had previously released IPS signature Cisco.WebEx.CVE-2019-15287.Memory.Corruption to proactively protect our customers.

Learn more about FortiGuard Labs and the FortiGuard Security Services portfolioSign up for our weekly FortiGuard Threat Brief.

Read about the FortiGuard Security Rating Service, which provides security audits and best practices.