Adobe Patches 123 Vulnerabilities
Adobe’s latest Patch Tuesday updates fix 123 vulnerabilities across 11 products.
Of the total, 57 vulnerabilities were patched in Adobe Experience Manager. The vast majority are XSS flaws that allow arbitrary code execution, and three issues have been described as improper input validation that can lead to a security feature bypass.
Two critical issues with a CVSS score of 10, both allowing arbitrary code execution, have been patched in Adobe Campaign Classic.
In ColdFusion, Adobe resolved seven vulnerabilities, including critical and high-severity issues that could allow arbitrary code execution, privilege escalation, and bypass of security features.
Twenty security holes have been fixed in Acrobat and Reader for Windows and macOS, including code execution, DoS, and memory exposure bugs.
Critical and high-severity code execution vulnerabilities have been patched by Adobe in Dreamweaver, Format Plugins, Experience Manager Forms, InDesign, InCopy, and Substance 3D Sampler.
Advertisement. Scroll to continue reading.
Adobe also...
Copyright of this story solely belongs to securityweek.com. To see the full text click HERE