Security News > 2020 > May > Adobe Patches 36 Vulnerabilities in Acrobat, DNG SDK

Adobe Patches 36 Vulnerabilities in Acrobat, DNG SDK
2020-05-12 18:56

Adobe has patched a total of 36 vulnerabilities in its Acrobat and Reader products and the DNG software development kit.

Several researchers have been credited by Adobe for reporting the Acrobat and Reader vulnerabilities.

In the DNG SDK for Windows and macOS, Adobe fixed a dozen vulnerabilities, including four critical heap overflow bugs that can be exploited for code execution, and eight important out-of-bounds read issues that can lead to information disclosure.

All of the DNG SDK vulnerabilities were reported to Adobe by Mateusz Jurczyk from Google Project Zero.

Adobe says none of the vulnerabilities patched on Tuesday has been exploited in malicious attacks and, based on the priority ratings assigned by the company, it does not expect to see them being exploited too soon.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/SsKUzcvIp54/adobe-patches-36-vulnerabilities-acrobat-dng-sdk

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 166 68 2143 934 2114 5259