Adobe has released three security updates for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions (APSB17-20) which covers a total of 20 CVEs.
Adobe Flash Player address critical vulnerabilities that could potentially allow an attacker to take control of the affected system, Digital Editions resolves few critical and important vulnerabilities that could lead to code execution, escalation of privilege and disclosure of memory addresses, Adobe Shockwave Player resolves a critical memory corruption vulnerability that could lead to code execution and the security updates also resolve an important information disclosure vulnerability resulting from an abuse of the quiz reporting feature in Adobe Captivate.
Here are the details of Critical Security Updates and Security Advisory:
APSB17-17 (Adobe Flash Player):
Adobe Flash Player Desktop Runtime 126.96.36.199 and earlier versions on Windows and Macintosh and Linux.
Adobe Flash Player for Google Chrome 188.8.131.52 and earlier versions on Windows, Macintosh, Linux, and ChromeOS.
Adobe Flash Player for Microsoft Edge and Internet Explorer 184.108.40.206 and earlier versions for Windows 10 and 8.1
– A memory corruption vulnerability that could lead to code execution (CVE-2017-3086).
Adobe Shockwave Player 220.127.116.11 and earlier versions on Windows.
– An Input Validation error that could lead to Information Disclosure (CVE-2017-3087).
Adobe Captivate 9 and earlier on Windows and Macintosh.
Adobe Digital Editions 4.5.4 and earlier versions for Windows, Macintosh, iOS, and Android.