Adobe Latest Update: Fixes Vulnerabilities in Acrobat and Reader

0

Vulnerabilities fixed by Adobe in Acrobat, Reader, and DNG SDK in the latest Update

The Software company Adobe fixed a total of 36 vulnerabilities in its three products. Adobe pushed a security update for three products to fix the vulnerabilities. Out of 36 vulnerabilities, 16 are classified as ‘Critical’ as they allow code execution or the bypassing of security features.

Adobe Acrobat is a family of application software and Web services developed by Adobe Inc. to view, create, manipulate, print, and manage files in Portable Document Format.

The Adobe DNG SDK provides support for reading and writing DNG files as well as support for converting DNG data into a format easily displayed or processed by imaging applications. This SDK can serve as a starting point for adding DNG support to existing applications that use and manipulate images or as an aid to adding DNG support within cameras.

However, we strongly recommend you to update the products to the latest version as soon as possible.

Adobe has released security updates for Acrobat and Reader that resolve a total of twenty-four vulnerabilities.

Out of these 24 vulnerabilities, 12 are critical which can bypass security, and others are DOS(Denial of Service) which are marked important.

List of vulnerabilities is given below:

Vulnerability CategoryVulnerability ImpactSeverityCVE Number
Null PointerApplication denial-of-serviceImportantCVE-2020-9610
Heap OverflowArbitrary Code ExecutionCriticalCVE-2020-9612
Race ConditionSecurity feature bypassCriticalCVE-2020-9615
Out-of-bounds writeArbitrary Code ExecutionCriticalCVE-2020-9597

CVE-2020-9594

Security bypassSecurity feature bypassCriticalCVE-2020-9614

CVE-2020-9613

CVE-2020-9596

CVE-2020-9592

Stack exhaustionApplication denial-of-serviceImportantCVE-2020-9611
Out-of-bounds readInformation disclosureImportantCVE-2020-9609

CVE-2020-9608

CVE-2020-9603

CVE-2020-9602

CVE-2020-9601

CVE-2020-9600

CVE-2020-9599

Buffer errorArbitrary Code ExecutionCriticalCVE-2020-9605

CVE-2020-9604

Use-after-freeArbitrary Code ExecutionCriticalCVE-2020-9607

CVE-2020-9606

Invalid memory accessInformation disclosureImportantCVE-2020-9598

CVE-2020-9595

CVE-2020-9593

[Source: Bleeping Computer]

The Adobe DNG Software Development Kit has 12 vulnerabilities. Out of 12 vulnerabilities, 4 of them are critical as they can bypass security, and others are classified as ‘Important’.

Vulnerability Category Vulnerability Impact Severity CVE Numbers 
Heap OverflowArbitrary Code ExecutionCriticalCVE-2020-9589

CVE-2020-9590

CVE-2020-9620

CVE-2020-9621

Out-of-Bounds ReadInformation DisclosureImportantCVE-2020-9622

CVE-2020-9623

CVE-2020-9624

CVE-2020-9625

CVE-2020-9626

CVE-2020-9627

CVE-2020-9628

CVE-2020-9629

However, it is highly recommended to update your Adobe Acrobat, Reader, and DNG SDK.

[Soruce: Bleeping Computer]

Share.

About Author

Be Ready for the challenge

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments