Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement 

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

Adobe Has Issued Over 100 Patches for Flash, Acrobat and Reader

Written by  Jul 10, 2018

Adobe fixed a raft of critical vulnerabilities in its Flash Player and Acrobat products as part of its regularly scheduled update on Tuesday morning.

Overall, the company issued a 111 fixes for vulnerabilities in its products spanning from Flash Player (two bugs), Acrobat and Reader (104 bugs), and Experience Manager (two bugs), to Adobe Connect (three bugs). While Acrobat products contained the bulk of these vulnerabilities, Flash Player also had a notable critical arbitrary code execution bug (CVE-2018-5007).

Advertisement 

The two Flash Player bugs were addressed by Adobe and tied to various versions of player – including a critical arbitrary code execution bug (CVE-2018-5007) and an important information disclosure out-of-bounds read bug (CVE-2018-5008). Impacted are versions 30.0.0.113 and earlier for Adobe Flash Player Desktop Runtime in Windows, MacOS, and Linux; Adobe Flash Player for Google Chrome for Windows, MacOS, Chrome OS and Linux; and Adobe Flash Player for Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1.

Users of are urged to update to version 30.0.0.134 using various installation methods, including the Flash Player Download Center, said Adobe.

Overall, 104 vulnerabilities were patched in Adobe Acrobat and Reader PDF products, including 53 critical bugs and 51 vulnerabilities rated important. Impacted are Acrobat DC and Acrobat Reader DC versions 2018.011.20040 and earlier versions; Acrobat 2017 and Acrobat Reader DC 2017 2017.011.30080 and earlier versions; and Acrobat DC and Acrobat Reader DC versions 2015.006.30418 and earlier versions. All impacted versions are available for both Windows and macOS, said Adobe.

The critical bugs include arbitrary code execution bugs such as a double free vulnerability (CVE-2018-12782),  14 heap overflow bugs, 13 use-after-free bugs, 13 out-of-bounds write vulnerabilities, and three type confusion bugs.

A critical security bypass privilege escalation bug (CVE-2018-12802) was also addressed for Acrobat products.

Adobe also released patches for three vulnerabilities in its Adobe Connect presentation software, for versions 9.7.5 and earlier, rated important. The update resolves an authentication bypass vulnerability (CVE-2018-4994) “which could result in sensitive information disclosure if successfully exploited,” Adobe said.

Advertisement 

The update also addresses an important session management vulnerability (CVE-2018-12804) due to inadequate validation of Connect meeting session tokens. Also “the Connect add-in installer prior to 9.7 insecurely loads DLL files (CVE-2018-12805), which could be abused to escalate local privileges,” said Adobe.

Adobe also patched three vulnerabilities rated important in its Experience Manager enterprise CMS product, impacting versions 6.0 to 6.4. All three were Sensitive Information Disclosure bugs.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Latest

3rd Party Patch Released for Windows Zero-Day

Aug 31, 2018 Cyber News

3rd Party Patch Released for Windows Zero-Day

A patch is available for a Windows zero-day that became public knowledge earlier this week, but it’s not from Microsoft...

Advertisement 

  1. Popular
  2. Trending
  3. Comments

Calendar

« September 2018 »
Mon Tue Wed Thu Fri Sat Sun
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

Advertisement 

Advertisement