Adobe Monthly Security Update (November 2023)
Release Date: 15 Nov 2023
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe ColdFusion |  Medium Risk | Remote Code Execution Security Restriction Bypass Cross-site Scripting | APSB23-52 | |
| Adobe RoboHelp Server | Medium Risk | Information Disclosure Remote Code Execution | APSB23-53 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Information Disclosure | APSB23-54 | |
| Adobe InDesign | Medium Risk | Denial of Service Information Disclosure | APSB23-55 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution Information Disclosure | APSB23-56 | |
| Adobe Bridge | Medium Risk | Information Disclosure | APSB23-57 | |
| Adobe Framemaker | Medium Risk | Security Restriction Bypass | APSB23-58 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB23-60 | |
| Adobe Animate | Medium Risk | Information Disclosure | APSB23-61 | |
| Adobe Dimension | Medium Risk | Information Disclosure | APSB23-62 | |
| Adobe Media Encoder | Medium Risk | Remote Code Execution Information Disclosure | APSB23-63 | |
| Adobe Audition | Medium Risk | Remote Code Execution Information Disclosure | APSB23-64 | |
| Adobe Premiere Pro | Medium Risk | Remote Code Execution Information Disclosure | APSB23-65 | |
| Adobe After Effects | Medium Risk | Remote Code Execution Information Disclosure | APSB23-66 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 14
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Denial of Service
- Cross-Site Scripting
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- ColdFusion 2023 Update 5 and earlier versions
- ColdFusion 2021 Update 11 and earlier versions
- RoboHelp Server RHS 11.4 and earlier versions
- Acrobat DC 23.006.20360 and earlier versions
- Acrobat Reader DC 23.006.20360 and earlier versions
- Acrobat 2020 20.005.30524 and earlier versions
- Acrobat Reader 2020 20.005.30524 and earlier versions
- Adobe InDesign ID18.5 and earlier versions
- Adobe InDesign ID17.4.2 and earlier versions
- Photoshop 2023 24.7.1 and earlier versions
- Photoshop 2024 25.0 and earlier versions
- Adobe Bridge 13.0.4 and earlier versions
- Adobe Bridge 14.0.0 and earlier versions
- Adobe FrameMaker Publishing Server Version - 2022 and earlier versions
- Adobe InCopy 18.5 and earlier versions
- Adobe InCopy 17.4.2 and earlier versions
- Adobe Animate 2023 23.0.2 and earlier versions
- Adobe Dimension 3.4.9 and earlier versions
- Adobe Media Encoder 24.0.2 and earlier versions
- Adobe Media Encoder 23.6 and earlier versions
- Adobe Audition 24.0 and earlier versions
- Adobe Audition 23.6.1 and earlier versions
- Adobe Premiere Pro 24.0 and earlier versions
- Adobe Premiere Pro 23.6 and earlier versions
- Adobe After Effects 24.0.2 and earlier versions
- Adobe After Effects 23.6 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言