The vulnerability is caused due to an error in the parsing of
Encapsulated Postscript Files (.eps) and can be exploited to corrupt
memory when a user opens a specially crafted .eps file. Successful
exploitation allows execution of arbitrary code.
The flaw is confirmed in version CS3 13.0.0 and CS4 14.0.0. Other versions may also be affected.
Here is a link to exploit code that works against Windows XP Service Pack 3.
overlong string as DSC comment (more than 42000 bytes) results in a
direct EIP overwrite. Exception is first-chance so the program will
never crash. At the moment of the redirection EAX and ESI are
In the interim, Secunia recommends that Illustrator users avoid opening files from untrusted sources.