Adobe October Security Update fixes 20 security flaws
Adobe officially released the October security update, which fixes multiple vulnerabilities in its products, including Digital Editions, Experience Manager, Framemaker and Technical Communications Suite.
Vulnerability Overview:
Adobe Digital Editions
Adobe has released a security update for Adobe Digital Editions that fixes a critical vulnerability. Successful exploitation can result in arbitrary code being executed in the context of the current user.
The vulnerabilities are summarised as follows:
Vulnerability impact | severity | CVE number |
Arbitrary code execution | Critical | CVE-2018-12813CVE-2018-12814
CVE-2018-12815 |
Information disclosure | Important | CVE-2018-12816CVE-2018-12818
CVE-2018-12819 CVE-2018-12820 CVE-2018-12821 |
Arbitrary code execution | Critical | CVE-2018-12822 |
- Affected version <= 4.5.8
- Unaffected version 4.5.9
Adobe Framemaker
Adobe has released a security update for Adobe Framemaker. This update resolves an insecure library loading vulnerability in the installer that could lead to a privilege escalation.
The vulnerabilities are summarised as follows:
Vulnerability impact | severity | CVE number |
Privilege escalation | Important | CVE-2018-15974 |
- Affected version: <= 1.0.5.1
- Unaffected version: 2019 Release
Adobe Technical Communications Suite
Adobe has released a security update for the Adobe Technical Communications Suite. This update resolves an insecure library loading vulnerability in the installer that could lead to a privilege escalation.
The vulnerabilities are summarised as follows:
Vulnerability impact | severity | CVE number |
Privilege escalation | Important | CVE-2018-15976 |
- Affected version: <=1.0.5.1
- Security version: 2019 Release
Adobe Experience Manager
Adobe has released a security update for Adobe Experience Manager. These updates address multiple XSS vulnerabilities that can lead to information disclosure.
The vulnerabilities are summarised as follows:
Vulnerability impact | severity | CVE number |
Sensitive information disclosure | Important | CVE-2018-15969CVE-2018-15972
CVE-2018-15973 |
Moderate | CVE-2018-15970CVE-2018-15971 |
- Affected versions: 4, 6.3, 6.2, 6.1, 6.0
- Unaffected version:
Please update according to the corresponding version:
Solution
Adobe has released a new version to fix the above vulnerability; users should upgrade in time to protect.
For details and operations, please refer to the official notification link for each product vulnerability section.