Adobe June Security Update Alert

On June 11th, Adobe officially released the June security update, which fixes multiple vulnerabilities in Adobe’s various products, including Adobe Flash player, Adobe Campaign and Adobe ColdFusion.

CVE-2018-15981

Vulnerability Overview:

Adobe Flash Player

Adobe has released a security update for Adobe Flash Player that fixes a security vulnerability.

The vulnerabilities are summarized as follows:

Vulnerability impact severity CVE number
Arbitrary Code Execution Critical CVE-2019-7845
  • Affected version:

Adobe Flash player version <= 32.0.0.192

  • Unaffected version:

Adobe Flash player version 32.0.0.207

For the specific impact version and fix of the vulnerability, please refer to Adobe’s official security notice.

Adobe Campaign

Adobe has released a security update for Adobe Campaign that fixes multiple security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact severity CVE number
Information Disclosure Important CVE-2019-7843
Information Disclosure Moderate CVE-2019-7941
Information Disclosure Moderate CVE-2019-7846
Arbitrary read access to the file system Important CVE-2019-7847
Information Disclosure Moderate CVE-2019-7848
Information Disclosure Important CVE-2019-7849
Arbitrary Code Execution Critical CVE-2019-7850
  • Affected version:

Adobe Campaign Classic <= 18.10.5-8984

  • Unaffected version:

Adobe Campaign Classic 19.1.1-9026

For the specific impact version and fix of the vulnerability, please refer to Adobe’s official security notice.

Adobe ColdFusion

Adobe has released a security update for Adobe Media Encoder that fixes 3 security vulnerabilities.

The vulnerabilities are summarized as follows:

Vulnerability impact severity CVE number
Arbitrary Code Execution Critical CVE-2019-7838
Arbitrary Code Execution Critical CVE-2019-7839
Arbitrary Code Execution Critical CVE-2019-7840

For the specific impact version and fix of the vulnerability, please refer to Adobe’s official security notice.

Solution

Adobe has released a new version to fix the above vulnerabilities, users should upgrade in time to protect.