Adobe Monthly Security Update (August 2024)
Release Date: 14 Aug 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Illustrator |  Medium Risk | Remote Code Execution Denial of Service Information Disclosure | APSB24-45 | |
| Adobe Dimension | Medium Risk | Remote Code Execution Information Disclosure | APSB24-47 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB24-49 | |
| Adobe InDesign | Medium Risk | Remote Code Execution Denial of Service Information Disclosure | APSB24-56 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Elevation of Privilege Information Disclosure | APSB24-57 | |
| Adobe Bridge | Medium Risk | Remote Code Execution Information Disclosure | APSB24-59 | |
| Substance 3D Stager | Medium Risk | Remote Code Execution | APSB24-60 | |
| Adobe Commerce | Medium Risk | Remote Code Execution Security Restriction Bypass Information Disclosure Cross-site Scripting Elevation of Privilege | APSB24-61 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB24-64 | |
| Substance 3D Sampler | Medium Risk | Remote Code Execution Information Disclosure | APSB24-65 | |
| Substance 3D Designer | Medium Risk | Remote Code Execution | APSB24-67 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 11
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Information Disclosure
- Denial of Service
- Security Restriction Bypass
- Elevation of Privilege
- Cross-Site Scripting
System / Technologies affected
- Illustrator 2024 28.5 and earlier versions
- Illustrator 2023 27.9.4 and earlier versions
- Adobe Dimension 3.4.11 and earlier versions
- Photoshop 2023 24.7.3 and earlier versions
- Photoshop 2024 25.9.1 and earlier versions
- Adobe InDesign ID19.4 and earlier versions
- Adobe InDesign ID18.5.2 and earlier versions
- Acrobat DC 24.002.20991 and earlier versions
- Acrobat Reader DC 24.002.20991 and earlier versions
- Acrobat 2024 24.001.30123 and earlier versions
- Acrobat 2020 20.005.30636 and earlier versions
- Acrobat Reader 2020 20.005.30636 and earlier versions
- Adobe Bridge 13.0.8 and earlier versions
- Adobe Bridge 14.1.1 and earlier versions
- Adobe Substance 3D Stager 3.0.2 and earlier versions
- Adobe Commerce 2.4.7-p1 and earlier versions
- Adobe Commerce 2.4.6-p6 and earlier versions
- Adobe Commerce 2.4.5-p8 and earlier versions
- Adobe Commerce 2.4.4-p9 and earlier versions
- Magento Open Source2.4.7-p1 and earlier versions
- Magento Open Source2.4.6-p6 and earlier versions
- Magento Open Source2.4.5-p8 and earlier versions
- Magento Open Source2.4.4-p9 and earlier versions
- Adobe InCopy 19.4 and earlier versions
- Adobe InCopy 18.5.2 and earlier versions
- Adobe Substance 3D Sampler 4.5 and earlier versions
- Adobe Substance 3D Designer 13.1.2 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言