Adobe has released three security updates for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions (APSB17-20) which covers a total of 20 CVEs

Adobe Flash Player address critical vulnerabilities that could potentially allow an attacker to take control of the affected system, Digital Editions resolves few critical and important vulnerabilities that could lead to code execution, escalation of privilege and disclosure of memory addresses, Adobe Shockwave Player resolves a critical memory corruption vulnerability that could lead to code execution and the security updates also resolve an important information disclosure vulnerability resulting from an abuse of the quiz reporting feature in Adobe Captivate.

Here are the details of Critical Security Updates and Security Advisory:


APSB17-17 (Adobe Flash Player):

– Multiple memory corruption vulnerabilities that could lead to code execution (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082).

– Multiple use-after-free vulnerabilities that could lead to code execution (CVE-2017-3075, CVE-2017-3081, CVE-2017-3083CVE-2017-3084).

  • Affected Versions:
  • Adobe Flash Player Desktop Runtime 25.0.0.171 and earlier versions on Windows and Macintosh and Linux.
    Adobe Flash Player for Google Chrome 25.0.0.171 and earlier versions on Windows, Macintosh, Linux, and ChromeOS.
    Adobe Flash Player for Microsoft Edge and Internet Explorer 25.0.0.171 and earlier versions for Windows 10 and 8.1


    APSB17-18 (Adobe Shockwave Player):

    – A memory corruption vulnerability that could lead to code execution (CVE-2017-3086).

  • Affected Versions:
  • Adobe Shockwave Player 12.2.8.198 and earlier versions on Windows.


    APSB17-19 (Adobe Captivate):

    – An Input Validation error that could lead to Information Disclosure (CVE-2017-3087).

  • Affected Versions:
  • Adobe Captivate 9 and earlier on Windows and Macintosh.


    APSB17-20 (Adobe Digital Editions):

    -Multiple memory corruption vulnerabilities that could lead to code execution (CVE-2017-3088, CVE-2017-3089, CVE-2017-3093, CVE-2017-3096).

    -Multiple Insecure Library Loading vulnerabilities that could lead to Escalation of privilege (CVE-2017-3090, CVE-2017-3092, CVE-2017-3097).

    -Multiple Stack Overflow vulnerabilities that could lead to Memory address disclosure (CVE-2017-3094, CVE-2017-3095).

  • Affected Versions:
  • Adobe Digital Editions 4.5.4 and earlier versions for Windows, Macintosh, iOS, and Android.


    SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.

     

    Summary
    Adobe Security Updates for June 2017
    Article Name
    Adobe Security Updates for June 2017
    Author
    Publisher Name
    SecPod Technologies
    Publisher Logo
    Loading Facebook Comments ...

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You may use these HTML tags and attributes:

    <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>