Adobe Security Updates – July 2018
Adobe, This Tuesday as always released its security updates July 2018, monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 4 advisories with 112 vulnerabilities , with 78 of them rated critical, 34 are rated important in severity. These vulnerabilities impact Acrobat Reader and Acrobat products, Adobe Connect, Adobe Experience Manager and Adobe Flash Player.
Adobe Flash Player
One of which has been rated critical (CVE-2018-5007), and successful exploitation of this “type confusion” flaw could allow an attacker to execute arbitrary code on the targeted system in the context of the current user.
Adobe Acrobat and Reader
104 security vulnerabilities in Adobe Acrobat and Reader have been patched, of which 51 are rated as critical and 53 are important in severity. Dozens of critical heap overflow, use-after-free, out-of-bounds write, type confusion, untrusted pointer dereference and buffer errors vulnerabilities which could allow an attacker to execute arbitrary code on the targeted system in the context of the current user
Adobe Experience Manager
Three important Server-Side Request Forgery (SSRF) vulnerabilities have been patched in Experience Manager, an enterprise content management solution, which could result in sensitive information disclosure.
Adobe Connect
Three security vulnerabilities in Adobe Connect have been patched, two of which, rated important, could allow an attacker to bypass the authentication, hijack web sessions and steal sensitive information.
Affected products:
- Acrobat Reader and Acrobat
- Adobe Connect
- Adobe Experience Manager
- Adobe Flash Player
Adobe Security Bulletin summary for July 2018:
Product : Adobe Acrobat and ReaderCVE’s/Advisory : APSB18-21, CVE-2018-12782, CVE-2018-5015, CVE-2018-5028, CVE-2018-5032, CVE-2018-5036, CVE-2018-5038, CVE-2018-5040, CVE-2018-5041, CVE-2018-5045, CVE-2018-5052, CVE-2018-5058, CVE-2018-5067, CVE-2018-12785, CVE-2018-12788, CVE-2018-12798, CVE-2018-5009, CVE-2018-5011, CVE-2018-5065, CVE-2018-12756, CVE-2018-12770, CVE-2018-12772, CVE-2018-12773, CVE-2018-12776, CVE-2018-12783, CVE-2018-12791, CVE-2018-12792, CVE-2018-12796, CVE-2018-12797, CVE-2018-5020, CVE-2018-5021, CVE-2018-5042, CVE-2018-5059, CVE-2018-5064, CVE-2018-5069, CVE-2018-5070, CVE-2018-12754, CVE-2018-12755, CVE-2018-12758, CVE-2018-12760, CVE-2018-12771, CVE-2018-12787, CVE-2018-12802, CVE-2018-5010, CVE-2018-12803, CVE-2018-5014, CVE-2018-5016, CVE-2018-5017, CVE-2018-5018, CVE-2018-5019, CVE-2018-5022, CVE-2018-5023, CVE-2018-5024, CVE-2018-5025, CVE-2018-5026, CVE-2018-5027, CVE-2018-5029, CVE-2018-5031, CVE-2018-5033, CVE-2018-5035, CVE-2018-5039, CVE-2018-5044, CVE-2018-5046, CVE-2018-5047, CVE-2018-5048, CVE-2018-5049, CVE-2018-5050, CVE-2018-5051, CVE-2018-5053, CVE-2018-5054, CVE-2018-5055, CVE-2018-5056, CVE-2018-5060, CVE-2018-5061, CVE-2018-5062, CVE-2018-5063, CVE-2018-5066, CVE-2018-5068, CVE-2018-12757, CVE-2018-12761, CVE-2018-12762, CVE-2018-12763, CVE-2018-12764, CVE-2018-12765, CVE-2018-12766, CVE-2018-12767, CVE-2018-12768, CVE-2018-12774, CVE-2018-12777, CVE-2018-12779, CVE-2018-12780, CVE-2018-12781, CVE-2018-12786, CVE-2018-12789, CVE-2018-12790, CVE-2018-12795, CVE-2018-5057, CVE-2018-12793, CVE-2018-12794, CVE-2018-5012, CVE-2018-5030, CVE-2018-5034, CVE-2018-5037, CVE-2018-5043, CVE-2018-12784Severity : CriticalImpact : Arbitrary Code Execution, Privilege Escalation, Information Disclosure
Product : Adobe ConnectCVE’s/Advisory : APSB18-22, CVE-2018-4994, CVE-2018-12804, CVE-2018-12805Severity : ImportantImpact : Sensitive Information Disclosure, Session hijacking, Privilege Escalation
Product : Adobe Experience ManagerCVE’s/Advisory : APSB18-23, CVE-2018-5004, CVE-2018-5006, CVE-2018-12809Severity : ImportantImpact : Sensitive Information disclosure
Product : Adobe Flash PlayerCVE’s/Advisory : APSB18-24, CVE-2018-5008, CVE-2018-5007Severity : CriticalImpact : Arbitrary Code Execution, Information Disclosure
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.
