Adobe April Security Update fixed many high-risk vulnerabilities

by ddos · April 10, 2019

On April 9th, Adobe officially released the April security update, which fixes multiple vulnerabilities in Adobe’s various products, including Adobe Flash player, Shockwave player, Dreamweaver, XD CC, InDesign, Experience Manager Forms, and Bridge CC.

Adobe Reader PDF vulnerability

Vulnerability Overview

Adobe Flash Player

Adobe has released a security update for Adobe Flash Player that fixes 2 security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact	severity	CVE number
Arbitrary Code Execution	Critical	CVE-2019-7096
Information Disclosure	Important	CVE-2019-7108

Affected version:
Adobe Flash player version <= 32.0.0.156
Unaffected version:
Adobe Flash player version 32.0.0.171

Adobe Shockwave Player

Adobe has released a security update for Adobe Shockwave Player that fixes 7 security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact

severity

CVE number

Arbitrary Code Execution

Critical

CVE-2019-7098CVE-2019-7099

CVE-2019-7100

CVE-2019-7101

CVE-2019-7102

CVE-2019-7103

CVE-2019-7104

Affected version:
Adobe Shockwave Player <= 12.3.4.204
Unaffected version:
Adobe Shockwave Player 12.3.5.205

Adobe Dreamweaver

Adobe has released a security update for Adobe Dreamweaver that fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability impact	severity	CVE number
Information Disclosure	Moderate	CVE-2019-7097

Affected version:
Adobe Dreamweaver <= 19.0

Unaffected version:
Adobe Dreamweaver 19.1

Adobe XD

Adobe has released a security update for the macOS platform Adobe XD that fixes 2 security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact	severity	CVE number
Arbitrary code execution	Critical	CVE-2019-7105CVE-2019-7106

Affected version:
Adobe XD <= 16.0
Unaffected version:
Adobe XD 17.0.12

Adobe InDesign

Adobe has released a security update for Adobe InDesign that fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability impact	severity	CVE number
Arbitrary code execution	Critical	CVE-2019-7107

Affected version:
Adobe InDesign <= 14.0.1
Unaffected version:
Adobe InDesign 14.0.2

Adobe Experience Manager Forms

Adobe has released a security update for Adobe Experience Manager Forms that fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability impact	severity	CVE number
Information Disclosure	Important	CVE-2019-7129

Affected version:
Adobe Experience Manager Forms 6.2, 6.3, 6.4

The official version has not been released to fix the above vulnerability, but the corresponding version of the patch update has been released. For details, please refer to https://helpx.adobe.com/aem-forms/kb/aem-forms-releases.html

Adobe Bridge CC

Adobe has released an Adobe Bridge CC security update that fixes 8 security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact

severity

CVE number

Remote code execution

Critical

CVE-2019-7130CVE-2019-7132

Information Disclosure

Important

CVE-2019-7133CVE-2019-7134

CVE-2019-7135

CVE-2019-7136

CVE-2019-7137

CVE-2019-7138

Affected version:
Adobe Bridge CC <= 9.0.2
Unaffected version:
Adobe Bridge CC 9.0.3

Solution

Adobe has released a new version to fix the above vulnerability, users should upgrade your software as soon as possible.

Adobe April Security Update fixed many high-risk vulnerabilities

Vulnerability Overview

Adobe Flash Player

Adobe Shockwave Player

Adobe Dreamweaver

Adobe XD

Adobe InDesign

Adobe Experience Manager Forms

Adobe Bridge CC

Solution

Search

Brilliantly

Content & Links