29 C
Jaipur
Saturday, October 31, 2020

Critical Code Execution Flaws With Adobe Acrobat and Reader

Must read

Tesla Model S Plaid Vs Lucid Air Dream Edition: Which One Is Better?

Today, we have two of the most awaited electric cars, Tesla Model S Plaid and Lucid Air Dream Edition, up for a head-to-head comparison....

Apple Loses 10-Year Long Legal Battle, Will Pay $503 Million To VirnetX

A decade-long lawsuit between Apple and VirnetX has concluded with a Texas jury ordering Apple to pay the Nevada-based software company. Earlier this year,...

iPhone 12 No Charger In Box: The Good, The Bad, And Future Explained

The recently launched iPhone 12 lineup with a refreshed design, 5G, and a more durable screen. What it didn’t come with is a charger...

Adobe has released updates that fix twenty-six vulnerabilities in the Adobe Acrobat, Reader, and Lightroom products.

Out of 26 flaws, 11 are rated as critical, they could be exploited by hackers to run the arbitrary code remotely or to bypass security features on the vulnerable installations.

Adobe Acrobat and Reader | APSB20-48

Adobe released security updates for Adobe Acrobat and Reader for Windows and macOS, the updates cover critical and important vulnerabilities. Successful exploitation allows attackers to execute remote code in the context of the current user.

List of Vulnerabilities

Vulnerability Category Vulnerability Impact Severity CVE Number
Disclosure of Sensitive Data Memory Leak Important    CVE-2020-9697
Security bypass  Privilege Escalation  Important CVE-2020-9714
Out-of-bounds write Arbitrary Code Execution          Critical  CVE-2020-9693CVE-2020-9694
Security bypass Security feature bypass Critical  CVE-2020-9696CVE-2020-9712
Stack exhaustion Application denial-of-service Important  CVE-2020-9702CVE-2020-9703
Out-of-bounds read Information disclosure Important  CVE-2020-9723CVE-2020-9705CVE-2020-9706CVE-2020-9707CVE-2020-9710CVE-2020-9716CVE-2020-9717CVE-2020-9718CVE-2020-9719CVE-2020-9720CVE-2020-9721
Buffer error Arbitrary Code Execution          Critical  CVE-2020-9698CVE-2020-9699CVE-2020-9700CVE-2020-9701CVE-2020-9704
Use-after-free    Arbitrary Code Execution          Critical  CVE-2020-9715CVE-2020-9722

Fixed versions

Product Track Updated Versions Platform Priority Rating Availability
Acrobat DC Continuous 2020.012.20041 Windows and macOS 2 Windows    macOS  
Acrobat Reader DC Continuous 2020.012.20041 Windows and macOS 2 Windows
macOS
           
Acrobat 2020 Classic 2020            2020.001.30005 Windows and macOS      2 Windows    macOS  
Acrobat Reader 2020 Classic 2020            2020.001.30005 Windows and macOS      2 Windows
macOS
           
Acrobat 2017 Classic 2017 2017.011.30175 Windows and macOS 2 WindowsmacOS
Acrobat Reader 2017 Classic 2017 2017.011.30175 Windows and macOS 2 WindowsmacOS
           
Acrobat 2015 Classic 2015 2015.006.30527 Windows and macOS 2 WindowsmacOS
Acrobat Reader 2015 Classic 2015 2015.006.30527 Windows and macOS 2 WindowsmacOS

Adobe Lightroom | APSB20-51

Adobe Lightroom Classic for Windows and macOS covers important security updates, successful exploitation of the vulnerability allows attackers to escalate privilege.

List of Vulnerabilities

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading Privilege escalation Important CVE-2020-9724

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Related Read

Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader

Adobe Released Security Updates & Fixed 43 Vulnerabilities in Acrobat Reader, Adobe Flash & More

Adobe Releases Security Updates that Fixes Critical Vulnerabilities with Photoshop CC and Digital Editions

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Tesla Model S Plaid Vs Lucid Air Dream Edition: Which One Is Better?

Today, we have two of the most awaited electric cars, Tesla Model S Plaid and Lucid Air Dream Edition, up for a head-to-head comparison....

Apple Loses 10-Year Long Legal Battle, Will Pay $503 Million To VirnetX

A decade-long lawsuit between Apple and VirnetX has concluded with a Texas jury ordering Apple to pay the Nevada-based software company. Earlier this year,...

iPhone 12 No Charger In Box: The Good, The Bad, And Future Explained

The recently launched iPhone 12 lineup with a refreshed design, 5G, and a more durable screen. What it didn’t come with is a charger...

Google Meet Now Supports Custom Backgrounds on the Web

As announced in August, Google Meet is getting support for custom backgrounds. The feature offers Google’s default set of default images including office...