Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.
Adobe Photoshop is a raster graphics editor.
Adobe Experience Manager (AEM) is a comprehensive content management solution for building websites, mobile apps, and forms.
Adobe Audition is a comprehensive toolset that includes multitrack, waveform, and spectral display for creating, mixing, editing, and restoring audio content.
Adobe Media Encoder is an audio/video media processing program that allows users to convert files into other types of files.
Adobe FrameMaker Publishing Server is an enterprise software to automate multichannel publishing that lets you access publishing services remotely and output technical content in multiple formats and as mobile apps.
Adobe Commerce is a flexible and scalable commerce platform that lets you create personalized B2B and B2C experiences.
Adobe ColdFusion is a commercial rapid web-application development computing platform.
Adobe Substance 3D Stager a professional staging tool for scene design and rendering.
Adobe Creative Cloud is an assortment of applications and services created by Adobe that is ideal for photography, videography, design, and PDF creation.
Adobe Acrobat is a family of application software and Web services.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
More Stories
USN-7015-1: Python vulnerabilities
It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could...
USN-7014-1: nginx vulnerability
It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive...
USN-7013-1: Dovecot vulnerabilities
It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this...
USN-7012-1: curl vulnerability
Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly,...
USN-7011-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause...
USN-6560-3: OpenSSH vulnerability
USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It...