PATCH NOW

Adobe has released critical security updates for Experience Manager, Connect, Flash Player, Photoshop CC and Bridge CC. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. The Linux and Mac operating systems are affected apart from Windows.

Here are the details of 4 Critical Security Updates:

APSB16-05 (Adobe Experience Manager) :
– A URL filter bypass vulnerability that could be used to circumvent dispatcher rules (CVE-2016-0957).
– An information disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 (CVE-2016-0956).
– A cross-site scripting vulnerability that could lead to information disclosure (CVE-2016-0955).

Affected Versions: 6.1.0, 6.0.0, 5.6.0 on Windows, Unix, Linux and OS X.

APSB16-04 (Adobe Flash Player):
A type confusion vulnerability that could lead to code execution (CVE-2016-0985).
An use-after-free vulnerabilities that could lead to code execution (CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984).
– A heap buffer overflow vulnerability that could lead to code execution (CVE-2016-0971).
– The memory corruption vulnerabilities that could lead to code execution
(CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967,
CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972,
CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979,
CVE-2016-0980, CVE-2016-0981).

Affected Versions: 18.0.0.326 and earlier, 20.0.0.305 and earlier on Windows and OS X, 11.2.202.559 and earlier on Unix, Linux.

APSB16-03 (Adobe Connect):
– A Cross-Site Request Forgery protection feature (CVE-2016-0948).
– An insufficient input validation in a URL parameter (CVE-2016-0949).
– A vulnerability that could be used to misrepresent information presented in the user interface (content spoofing) (CVE-2016-0950).

Affected Versions: 9.4.2 and earlier versions on Windows.

APSB16-07 (Adobe Photoshop CC and Bridge CC):
– The memory corruption vulnerabilities that could lead to code execution (CVE-2016-0951, CVE-2016-0952, CVE-2016-0953).

Affected Versions: 6.1.1 and earlier versions on Windows and OS X.

SecPod Saner detects these vulnerabilities and automatically fixes by applying security updates. Download Saner now and keep your systems updated and secure.

– Kashinath

Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>