Skip to main content

Adobe Monthly Security Update (August 2023)

Release Date: 9 Aug 2023 3389 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe Acrobat and ReaderMedium Risk Medium RiskSecurity Restriction Bypass
Denial of Service
Information Disclosure
Remote Code Execution
 APSB23-30
Adobe CommerceMedium Risk Medium RiskInformation Disclosure
Remote Code Execution
Elevation of Privilege
 APSB23-42
DimensionMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB23-44
Adobe XMP Toolkit SDKMedium Risk Medium RiskDenial of Service APSB23-45

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 4

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Remote Code Execution
  • Information Disclosure
  • Security Restriction Bypass
  • Denial of Service
  • Elevation of Privilege

System / Technologies affected

  • Acrobat DC 23.003.20244 and earlier versions
  • Acrobat Reader DC 23.003.20244 and earlier versions
  • Acrobat 2020 20.005.30467 and earlier versions
  • Acrobat Reader 2020 20.005.30467 and earlier versions
  • Adobe Commerce 2.4.6-p1 and earlier versions
  • Adobe Commerce 2.4.5-p3 and earlier versions
  • Adobe Commerce 2.4.4-p4 and earlier versions
  • Adobe Commerce 2.4.3-ext-3 and earlier* versions
  • Adobe Commerce 2.4.2-ext-3 and earlier* versions
  • Adobe Commerce 2.4.1-ext-3 and earlier* versions
  • Adobe Commerce 2.4.0-ext-3 and earlier* versions
  • Adobe Commerce 2.3.7-p4-ext-3 and earlier* versions
  • Magento Open Source 2.4.6-p1 and earlier versions
  • Magento Open Source 2.4.5-p3 and earlier versions
  • Magento Open Source 2.4.4-p4 and earlier versions
  • Adobe Dimension 3.4.9 and earlier versions
  • Adobe XMP-Toolkit-SDK 2022.06 and earlier versions

* These versions are only applicable to customers participating in the Extended Support Program


Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier

 

Source


Related Link