Adobe Monthly Security Update (February 2024)
Release Date: 14 Feb 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Magento and Adobe Commerce |  Medium Risk | Cross-site Scripting Remote Code Execution Denial of Service Security Restriction Bypass | APSB24-03 | |
| Adobe Substance 3D Painter | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB24-04 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Denial of Service Information Disclosure | APSB24-07 | |
| Adobe Framemaker | Medium Risk | Security Restriction Bypass | APSB24-10 | |
| Adobe Audition | Medium Risk | Remote Code Execution | APSB24-11 | |
| Adobe Substance 3D Designer | Medium Risk | Remote Code Execution | APSB24-13 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 6
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Information Disclosure
- Cross-Site Scripting
- Denial of Service
- Security Restriction Bypass
System / Technologies affected
- Adobe Commerce 2.4.6-p3 and earlier versions
- Adobe Commerce 2.4.5-p5 and earlier versions
- Adobe Commerce 2.4.4-p6 and earlier versions
- Adobe Commerce 2.4.3-ext-5 and earlier* versions
- Adobe Commerce 2.4.2-ext-5 and earlier* versions
- Adobe Commerce 2.4.1-ext-5 and earlier* versions
- Adobe Commerce 2.4.0-ext-5 and earlier* versions
- Adobe Commerce 2.3.7-p4-ext-5 and earlier* versions
- Magento Open Source 2.4.6-p3 and earlier versions
- Magento Open Source 2.4.5-p5 and earlier versions
- Magento Open Source 2.4.4-p6 and earlier versions
- Adobe Substance 3D Painter 9.1.1 and earlier versions
- Acrobat DC 23.008.20470 and earlier versions
- Acrobat Reader DC 23.008.20470 and earlier versions
- Acrobat 2020 20.005.30539 and earlier versions
- Acrobat Reader 2020 20.005.30539 and earlier versions
- Adobe FrameMaker Publishing Server Version 2022 Update 1 and earlier versions
- Adobe Audition 24.0.3 and earlier versions
- Adobe Audition 23.6.2 and earlier versions
- Adobe Substance 3D Designer 13.1.0 and earlier versions
Note:
* These versions are only applicable to customers participating in the Extended Support Program
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言