Adobe Monthly Security Update (June 2024)
Release Date: 12 Jun 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Photoshop |  Medium Risk | Remote Code Execution | APSB24-27 | |
| Adobe Experience Manager | Medium Risk | Remote Code Execution Cross-site Scripting | APSB24-28 | |
| Adobe Audition | Medium Risk | Denial of Service Information Disclosure | APSB24-32 | |
| Adobe Media Encoder | Medium Risk | Information Disclosure | APSB24-34 | |
| Adobe FrameMaker Publishing Server | Medium Risk | Information Disclosure Elevation of Privilege | APSB24-38 | |
| Adobe Commerce | Medium Risk | Remote Code Execution Elevation of Privilege Cross-site Scripting | APSB24-40 | |
| Adobe ColdFusion | Medium Risk | Security Restriction Bypass | APSB24-41 | |
| Adobe Substance 3D Stager | Medium Risk | Remote Code Execution | APSB24-43 | |
| Adobe Creative Cloud Desktop | Medium Risk | Remote Code Execution | APSB24-44 | |
| Adobe Acrobat Android | Medium Risk | Security Restriction Bypass | APSB24-50 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 10
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Denial of Service
- Security Restriction Bypass
- Elevation of Privilege
- Information Disclosure
- Cross-Site Scripting
System / Technologies affected
- Adobe Photoshop 2023 24.7.3 and earlier versions
- Adobe Photoshop 2024 25.7 and earlier versions
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.20 and earlier versions
- Adobe Audition 24.2 and earlier versions
- Adobe Audition 23.6.4 and earlier versions
- Adobe Media Encoder 24.3 and earlier versions
- Adobe Media Encoder 23.6.5 and earlier versions
- Adobe FrameMaker Publishing Server Version 2022.2 and earlier versions
- Adobe FrameMaker Publishing Server Version 2020 Update 3 and earlier versions
- Adobe Commerce 2.4.7 and earlier versions
- Adobe Commerce 2.4.6-p5 and earlier versions
- Adobe Commerce 2.4.5-p7 and earlier versions
- Adobe Commerce 2.4.4-p8 and earlier versions
- Adobe Commerce 2.4.3-ext-7 and earlier versions
- Adobe Commerce 2.4.2-ext-7 and earlier versions
- Adobe Commerce 2.4.1-ext-7 and earlier versions
- Adobe Commerce 2.4.0-ext-7 and earlier versions
- Adobe Commerce 2.3.7-p4-ext-7 and earlier versions
- Magento Open Source 2.4.7 and earlier versions
- Magento Open Source 2.4.6-p5 and earlier versions
- Magento Open Source 2.4.5-p7 and earlier versions
- Magento Open Source 2.4.4-p8 and earlier versions
- Adobe Commerce Webhooks Plugin 1.2.0 to 1.4.0
- Adobe ColdFusion 2023 Update 7 and earlier versions
- Adobe ColdFusion 2021 Update 13 and earlier versions
- Adobe Substance 3D Stager 2.1.4 and earlier versions
- Adobe Creative Cloud Desktop Application 6.1.0.587 and earlier version
- Adobe Acrobat Android 24.4.2.33155 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言