Adobe Monthly Security Update (October 2024)
Release Date: 9 Oct 2024
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Substance 3D Painter |  Medium Risk | Information Disclosure | APSB24-52 | |
| Adobe Commerce | Medium Risk | Elevation of Privilege Security Restriction Bypass Cross-site Scripting Remote Code Execution Information Disclosure | APSB24-73 | |
| Adobe Dimension | Medium Risk | Remote Code Execution | APSB24-74 | |
| Adobe Animate | Medium Risk | Remote Code Execution Information Disclosure | APSB24-76 | |
| Adobe Lightroom | Medium Risk | Information Disclosure | APSB24-78 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB24-79 | |
| Adobe InDesign | Medium Risk | Remote Code Execution | APSB24-80 | |
| Substance 3D Stager | Medium Risk | Remote Code Execution | APSB24-81 | |
| Adobe FrameMaker | Medium Risk | Remote Code Execution | APSB24-82 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 9
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Information Disclosure
- Elevation of Privilege
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- Adobe Substance 3D Painter 10.0.1 and earlier versions
- Adobe Commerce 2.4.7-p2 and earlier versions
- Adobe Commerce 2.4.6-p7 and earlier versions
- Adobe Commerce 2.4.5-p9 and earlier versions
- Adobe Commerce 2.4.4-p10 and earlier versions
- Adobe Commerce B2B 1.4.2-p2 and earlier versions
- Adobe Commerce B2B 1.3.5-p7 and earlier versions
- Adobe Commerce B2B 1.3.4-p9 and earlier versions
- Adobe Commerce B2B 1.3.3-p10 and earlier versions
- Magento Open Source 2.4.7-p2 and earlier versions
- Magento Open Source 2.4.6-p7 and earlier versions
- Magento Open Source 2.4.5-p9 and earlier versions
- Magento Open Source 2.4.4-p10 and earlier versions
- Adobe Dimension 4.0.3 and earlier versions
- Adobe Animate 2023 23.0.7 and earlier versions
- Adobe Animate 2024 24.0.4 and earlier versions
- Lightroom 7.4.1 and earlier versions
- Lightroom Classic 13.5 and earlier versions
- Lightroom Classic (LTS) 12.5.1 and earlier versions
- Adobe InCopy 19.4 and earlier versions
- Adobe InCopy 18.5.3 and earlier versions
- Adobe InDesign ID19.4 and earlier versions
- Adobe InDesign ID18.5.3 and earlier versions
- Adobe Substance 3D Stager 3.0.3 and earlier versions
- Adobe FrameMaker 2020 Release Update 6 and earlier versions
- Adobe FrameMaker 2022 Release Update 4 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言