Tech giant Adobe released security updates march 2018 patching up critical and important security holes in its Dreamweaver CC, Adobe Connect, and Flash Player products. A patch management tool made this possible. Dreamweaver CC used for website creation, Connect used for web meetings and Flash Player used for executing and displaying content from a Small Web Format (SWF) file. Also, Five vulnerabilities were patched up in which three are identified as critical.
The tally contains vulnerabilities as critical as Arbitrary Code Execution and Remote Code Execution, which if exploited successfully could allow for arbitrary code execution in the context of the privileges allotted to the current user. Also, Other important vulnerabilities enlisted are Arbitrary file deletion and Information disclosure. Which can lead to unintended arbitrary local file removal or forced uninstall of an application. Moreover, Using cross-site scripting via an unrestricted SWF file upload vulnerability. However, A vulnerability management solution can manage these attacks.
Affected Products in security updates March 2018 :
- Adobe Dreamweaver CC
- Adobe Connect
- Adobe Flash Player
Vulnerability Details given in Adobe Security Updates March 2018:
[table id=5 /]
Affected Versions & Solutions:
[table id=6 /]
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates.