Adobe: The exploitation of some vulnerabilities allowed the execution of arbitrary code and access to data.
Adobe has fixed 82 vulnerabilities in Acrobat and Acrobat Reader, Experience Manager, and Download Manager. It is worth noting that this month Adobe did not release any updates as part of the “Tuesday fixes”, as the company usually does.
The Acrobat Reader update resolved a total of 68 problems, including many vulnerabilities related to memory corruption, reading and writing outside the buffer, use after freeing, etc. Some vulnerabilities can be exploited to execute arbitrary code and disclose information.
- Country leaders urge governments to end cyberattacks on health systems
- Zoom: Over 500K Hacked Accounts Available on Hacker Forums
- Breaking: San Francisco Airport Websites Hacked & Data Breach
- MaxPatrol SIEM Detects Network Anomalies in Remote Operation
- Apple Safari browser will no longer accept new HTTPS Certificates with a validity period of more than 398 days
About 10 vulnerabilities were fixed in the Experience Manager Adobe content and media management system Adobe, the exploitation of which allows an attacker to gain unauthorized access to the organization’s Experience Manager environment. One cross-site scripting (XSS) vulnerability that allowed access to sensitive information was also fixed.
In Adobe’s Download Manager for Windows, Adobe fixed the privilege escalation vulnerability associated with insecure permissions.
According to representatives of Adobe, it is not yet known about any attacks that use these vulnerabilities.