Adobe published security updates for multiple vulnerabilities in Flash Player, Adobe Acrobat, and Photoshop that allows attackers to steal sensitive information.
APSB18-43 Photoshop CC – Adobe Security Updates
Adobe published security updates that resolve an important vulnerability in Photoshop CC 19.1.6 and earlier 19.x versions which can be exploited to steal sensitive information.
Affected Version
Photoshop CC 19.1.6 and earlier
Fixed Versions
Photoshop CC 19.1.7 and 20.0
Vulnerability Details
CVE-2018-15980 – Information disclosure
APSB18-40 – Adobe Acrobat and Reader
Adobe published security updates that fix information disclosure vulnerability with Adobe Acrobat and Reader. Successful exploitation of the vulnerability leads to the inadvertent leak of the user’s hashed NTLM password.
Affected Version
Acrobat DC 2019.008.20080 and earlier versions
Acrobat Reader DC 2019.008.20080 and earlier versions
Acrobat 2017 2017.011.30105 and earlier versions
Acrobat Reader 2017 2017.011.30105 and earlier versions
Acrobat DC 2015.006.30456 and earlier versions
Acrobat Reader DC 2015.006.30456 and earlier versions
Fixed Versions
Acrobat DC 2019.008.20080 and earlier versions
Acrobat Reader DC 2019.008.20080 and earlier versions
Acrobat 2017 2017.011.30105 and earlier versions
Acrobat Reader 2017 2017.011.30105 and earlier versions
Acrobat DC 2015.006.30456 and earlier versions
Acrobat Reader DC 2015.006.30456 and earlier versions
Vulnerability Details
CVE-2018-15979 – Information disclosure
APSB18-39 – Flash Player
The security updates address important vulnerability with Adobe Flash Player 31.0.0.122 and earlier versions. An attacker could exploit the vulnerability to steal sensitive information.
Affected Version
Adobe Flash Player Desktop Runtime 31.0.0.122 and earlier versions
Adobe Flash Player for Google Chrome 31.0.0.122 and earlier versionsChrome OS
Adobe Flash Player for Edge and IE 11 31.0.0.122 and earlier versions
Fixed Versions
Adobe Flash Player Desktop Runtime 31.0.0.148 Windows, macOS
Adobe Flash Player for Google Chrome 31.0.0.148 Windows, macOS, Linux, and Chrome OS
Adobe Flash Player for Edge and IE 11 31.0.0.148 Windows 10 and 8.1
Adobe Flash Player Desktop Runtime 31.0.0.148 Linux
Vulnerability Details
CVE-2018-15978 – Information disclosure.
With the October update, Adobe fixed 86 Vulnerabilities Fixed with Adobe Security Updates for Adobe Acrobat and Reader
