Trend Micro advises users about an existing vulnerability in Adobe
Illustrator. The exploit happens when the said application fails to
successfully parse comments from EPS (Encapsulated PostScript) files, leading to
a buffer overflow.
Once the vulnerability is successfully exploited, attackers can be allowed to
execute arbitrary code on the compromised system, allowing them to gain complete
control of it.
TREND MICRO PROTECTION INFORMATION
For Trend Micro clients using OfficeScan with Intrusion Defense Firewall (IDF)
please refer to filter identifier(s) specific to this advisory's vulnerability
identifiers. For patch information and suggested workarounds, users are advised to refer to
this Adobe webpage: http://www.adobe.com/support/security/advisories/apsa09-06.html
Trend Micro Deep Security DPI Rule Number: 1003864
Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.