Tue. Jul 14th, 2020

Adobe April Security Update fixed multiple vulnerabilities in Adobe ColdFusion, Adobe After Effects and Adobe Digital Editions

1 min read

On April 14, Adobe officially released the April security update, which fixed multiple vulnerabilities in Adobe products, including Adobe ColdFusion, Adobe After Effects and Adobe Digital Editions.

Adobe August Security Update

Vulnerability overview

  • Adobe ColdFusion

Adobe has released a security update for Adobe ColdFusion, which fixes three security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insufficient input validation Application-level denial-of-service (DoS) Important CVE-2020-3767
DLL search-order hijacking Privilege escalation Important CVE-2020-3768
Improper access control System file structure disclosure Important CVE-2020-3796
  • Adobe After Effects

Adobe has released a security update for Adobe After Effects, which fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Out-of-Bounds Read Information Disclosure Important   CVE-2020-3809
  • Adobe Digital Editions

Adobe has released a security update for Adobe Digital Editions, which fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability Category Vulnerability Impact Severity CVE Numbers
File enumeration (host or local network) Information Disclosure Important CVE-2020-3798

Solution

Adobe official has released a new version to fix the above vulnerabilities, users should upgrade to the latest version in time for protection.