Security News > 2020 > March > Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
2020-03-18 13:51

Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution.

In this most recent group, Adobe Photoshop had the most vulnerabilities fixed, with 22 CVEs addressed overall, 16 of which were critical: "Adobe has released updates for Photoshop for Windows and macOS. These updates resolve multiple critical and important vulnerabilities," according to Adobe's advisory.

Other vulnerabilities include two critical flaws in Adobe ColdFusion, including a remote file read from the ColdFusion install directory; and a critical file inclusion flaw enabling arbitrary code execution of files located in the webroot or subdirectory.

Adobe also patched important severity flaws in its Adobe Genuine Integrity Service and Adobe Experience Manager.

While Adobe had no regularly scheduled updates earlier in March, it did stomp out flaws tied to 42 CVEs in its regularly scheduled February updates, with 35 of those flaws being critical in severity.


News URL

https://threatpost.com/critical-adobe-photoshop-acrobat-reader-flaws/153902/?utm_source=rss&utm_medium=rss&utm_campaign=critical-adobe-photoshop-acrobat-reader-flaws

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143