Adobe Monthly Security Update (December 2023)
Release Date: 13 Dec 2023
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Prelude |  Medium Risk | Information Disclosure | APSB23-67 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution | APSB23-68 | |
| Adobe InDesign | Medium Risk | Denial of Service Information Disclosure | APSB23-70 | |
| Adobe Dimension | Medium Risk | Information Disclosure | APSB23-71 | |
| Adobe Experience Manager | Medium Risk | Cross-site Scripting Remote Code Execution Security Restriction Bypass | APSB23-72 | |
| Adobe Substance 3D Stager | Medium Risk | Information Disclosure | APSB23-73 | |
| Adobe Substance 3D Sampler | Medium Risk | Remote Code Execution | APSB23-74 | |
| Adobe After Effects | Medium Risk | Remote Code Execution Information Disclosure | APSB23-75 | |
| Adobe Substance 3D Designer | Medium Risk | Remote Code Execution Information Disclosure | APSB23-76 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 9
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Denial of Service
- Cross-Site Scripting
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- Adobe Prelude 22.6 and earlier versions
- Illustrator 2024 28.0 and earlier versions
- Illustrator 2023 27.9 and earlier versions
- Adobe InDesign ID19.0 and earlier versions
- Adobe InDesign ID17.4.2 and earlier versions
- Adobe Dimension 3.4.10 and earlier versions
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.18.0 and earlier versions
- Adobe Substance 3D Stager 2.1.1 and earlier versions
- Adobe Substance 3D Sampler 4.2.1 and earlier versions
- Adobe After Effects 24.0.3 and earlier versions
- Adobe After Effects 23.6.0 and earlier versions
- Adobe Substance 3D Designer 13.0.0 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言