Your one-stop web resource providing safety and security information to manufacturers

In its Patch Tuesday release, Adobe fixed 113 vulnerabilities in its various product lines.

Along those lines, Adobe cleared 105 holes in Acrobat and Reader, two in Flash Player, three in Experience Manager, and three in Connect.

Adobe Fixes Flash Zero Day
Acrobat, Reader Patches from Adobe
Adobe Patches Flash Flaw
Adobe Patches Vulnerabilities

The latest versions of Acrobat and Reader for Windows and macOS address critical memory corruption bugs that can allow remote code execution, including double-free, heap overflow, use-after-free, out-of-bounds write, type confusion, untrusted pointer dereference, and buffer error issues.

Fixed vulnerabilities include a critical privilege escalation and out-of-bounds read issues that lead to information disclosure.

Schneider Bold

Flash Player version resolves a critical type confusion issue that can lead to code execution and a flaw rated important that can result in information disclosure.

Fixes released by Adobe for Experience Manager patch three server-side request forgery (SSRF) vulnerabilities that can lead to the exposure of sensitive information, but none of the flaws are critical.

Updates released for Adobe Connect take care of authentication bypass and insecure library loading flaws.

Adobe said there are no malicious exploitation attempts to date for the vulnerabilities.

Pin It on Pinterest

Share This