Adobe Monthly Security Update (August 2022)
Release Date: 10 Aug 2022
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Commerce |  Medium Risk | Remote Code Execution Elevation of Privilege Cross-site Scripting Security Restriction Bypass | APSB22-38 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Information Disclosure | APSB22-39 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution Information Disclosure | APSB22-41 | |
| Adobe Framemaker | Medium Risk | Information Disclosure Remote Code Execution | APSB22-42 | |
| Adobe Premiere Elements | Medium Risk | Elevation of Privilege | APSB22-43 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 5
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Cross-Site Scripting
- Remote Code Execution
- Information Disclosure
- Elevation of Privilege
- Security Restriction Bypass
System / Technologies affected
- Acrobat 2017 17.012.30249 and earlier versions
- Acrobat 2020 20.005.30362 and earlier versions
- Acrobat DC 22.001.20169 and earlier versions
- Acrobat Reader 2017 17.012.30249 and earlier versions
- Acrobat Reader 2020 20.005.30362 and earlier versions
- Acrobat Reader DC 22.001.20169 and earlier versions
- Adobe Commerce 2.3.7-p3 and earlier versions
- Adobe Commerce 2.4.3-p2 and earlier versions
- Adobe Commerce 2.4.4 and earlier versions
- Adobe FrameMaker 2019 Release Update 8 and earlier versions
- Adobe FrameMaker 2020 Release Update 4 and earlier versions
- Adobe Premiere Elements 2022 (Version 20.0)
- Illustrator 2021 25.4.6 and earlier versions
- Illustrator 2022 26.3.1 and earlier versions
- Magento Open Source 2.3.7-p3 and earlier versions
- Magento Open Source 2.4.3-p2 and earlier versions
- Magento Open Source 2.4.4 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言