Adobe April Security Update fixed multiple vulnerabilities in Adobe ColdFusion, Adobe After Effects and Adobe Digital Editions
On April 14, Adobe officially released the April security update, which fixed multiple vulnerabilities in Adobe products, including Adobe ColdFusion, Adobe After Effects and Adobe Digital Editions.
Vulnerability overview
- Adobe ColdFusion
Adobe has released a security update for Adobe ColdFusion, which fixes three security vulnerabilities.
The vulnerabilities are summarized as follows:
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
---|---|---|---|
Insufficient input validation | Application-level denial-of-service (DoS) | Important | CVE-2020-3767 |
DLL search-order hijacking | Privilege escalation | Important | CVE-2020-3768 |
Improper access control | System file structure disclosure | Important | CVE-2020-3796 |
- Adobe After Effects
Adobe has released a security update for Adobe After Effects, which fixes a security vulnerability.
The vulnerabilities are summarized as follows:
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Out-of-Bounds Read | Information Disclosure | Important | CVE-2020-3809 |
- Adobe Digital Editions
Adobe has released a security update for Adobe Digital Editions, which fixes a security vulnerability.
The vulnerabilities are summarized as follows:
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
File enumeration (host or local network) | Information Disclosure | Important | CVE-2020-3798 |
Solution
Adobe official has released a new version to fix the above vulnerabilities, users should upgrade to the latest version in time for protection.