Adobe May Security Update: fix multi Arbitrary Code Execution vulnerabilities
On May 14th, Adobe officially released the May security update, which fixes multiple vulnerabilities in Adobe’s various products, including Adobe Flash Player, Acrobat and Reader, and Media Encoder.
Vulnerability Overview
Adobe Flash Player
Adobe has released a security update for Adobe Flash Player that fixes a security vulnerability.
The vulnerabilities are summarized as follows:
| Vulnerability impact | severity | CVE number |
| Arbitrary Code Execution | Critical | CVE-2019-7837 |
- Affected version:
Adobe Flash player version <= 32.0.0.171
- Unaffected version:
Adobe Flash player version 32.0.0.192
For the specific impact version and fix of the vulnerability, please refer to Adobe security notice.
Adobe Acrobat and Reader
Adobe has released a security update for Adobe Acrobat and Reader that fixes multiple security vulnerabilities.
The vulnerabilities are summarized as follows:
| Vulnerability impact | Severity | CVE number |
| Information Disclosure | Important | CVE-2019-7841CVE-2019-7836
CVE-2019-7826 CVE-2019-7819 CVE-2019-7813 CVE-2019-7812 CVE-2019-7811 CVE-2019-7810 CVE-2019-7803 CVE-2019-7802 CVE-2019-7801 CVE-2019-7799 CVE-2019-7798 CVE-2019-7795 CVE-2019-7794 CVE-2019-7793 CVE-2019-7790 CVE-2019-7789 CVE-2019-7787 CVE-2019-7780 CVE-2019-7778 CVE-2019-7777 CVE-2019-7776 CVE-2019-7775 CVE-2019-7774 CVE-2019-7773 CVE-2019-7771 CVE-2019-7770 CVE-2019-7769 CVE-2019-7758 CVE-2019-7145 CVE-2019-7144 CVE-2019-7143 CVE-2019-7142 CVE-2019-7141 CVE-2019-7140 |
| Arbitrary Code Execution | Critical | CVE-2019-7829CVE-2019-7825
CVE-2019-7822 CVE-2019-7818 CVE-2019-7804 CVE-2019-7800 CVE-2019-7820 CVE-2019-7835 CVE-2019-7834 CVE-2019-7833 CVE-2019-7832 CVE-2019-7831 CVE-2019-7830 CVE-2019-7823 CVE-2019-7821 CVE-2019-7817 CVE-2019-7814 CVE-2019-7809 CVE-2019-7808 CVE-2019-7807 CVE-2019-7806 CVE-2019-7805 CVE-2019-7797 CVE-2019-7796 CVE-2019-7792 CVE-2019-7791 CVE-2019-7788 CVE-2019-7786 CVE-2019-7785 CVE-2019-7783 CVE-2019-7782 CVE-2019-7781 CVE-2019-7772 CVE-2019-7768 CVE-2019-7767 CVE-2019-7766 CVE-2019-7765 CVE-2019-7764 CVE-2019-7763 CVE-2019-7762 CVE-2019-7761 CVE-2019-7760 CVE-2019-7759 CVE-2019-7828 CVE-2019-7827 CVE-2019-7824 CVE-2019-7784 CVE-2019-7779 |
For the specific impact version and fix of the vulnerability, please refer to Adobe security notice.
Adobe Media Encoder
Adobe has released a security update for Adobe Media Encoder that fixes 2 security vulnerabilities.
The vulnerabilities are summarized as follows:
| Vulnerability impact | Severity | CVE number |
| Remote Code Execution | Critical | CVE-2019-7842 |
| Information Disclosure | Important | CVE-2019-7844 |
- Affected version:
Adobe Media Encoder 13.0.2
- Unaffected version:
Adobe Media Encoder 13.1
For the specific impact version and fix of the vulnerability, please refer to Adobe security notice.
Solution
Adobe has released a new version to fix the above vulnerabilities, users should upgrade your Adobe products to the unaffected version.
