Adobe Products Multiple Vulnerabilities
Last Update Date:
14 Jul 2016
Release Date:
15 Jun 2016
3409
Views
RISK: Extremely High Risk
TYPE: Clients - Audio & Video
Multiple vulnerabilities have been identified in Adobe Brackets, ColdFusion, Creative Cloud Desktop Application, DNG Software Development Kit and Flash Player, which could be exploited by attackers to cross-site scripting, information disclosure and remote code execution.
Note: The Flash Player vulnerability is being actively exploited.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- Brackets 1.6 and earlier versions
- ColdFusion (2016 release) Update 1
- ColdFusion 11 Update 8 and earlier versions
- ColdFusion 10 Update 19 and earlier versions
- Creative Cloud Desktop Application 3.6.0.248 and earlier versions
- DNG Software Development Kit 1.4 (2012 release) and earlier versions
- Flash Player 21.0.0.242 and earlier versions
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix for the products. Please refer to related links or run software update.
Vulnerability Identifier
Source
Related Link
- https://helpx.adobe.com/security/products/flash-player/apsa16-03.html
- https://helpx.adobe.com/security/products/dng-sdk/apsb16-19.html
- https://helpx.adobe.com/security/products/brackets/apsb16-20.html
- https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html
- https://helpx.adobe.com/security/products/coldfusion/apsb16-22.html
Share with