Tuesday, May 28, 2024

Adobe Published Security Updates for Flash Player, Adobe Acrobat and Photoshop

Adobe published security updates for multiple vulnerabilities in Flash Player, Adobe Acrobat, and Photoshop that allows attackers to steal sensitive information.

APSB18-43 Photoshop CC – Adobe Security Updates

Adobe published security updates that resolve an important vulnerability in Photoshop CC 19.1.6 and earlier 19.x versions which can be exploited to steal sensitive information.

Affected Version

Photoshop CC 19.1.6 and earlier

Fixed Versions

Photoshop CC 19.1.7 and 20.0

Vulnerability Details

CVE-2018-15980 – Information disclosure

APSB18-40 – Adobe Acrobat and Reader

Adobe published security updates that fix information disclosure vulnerability with Adobe Acrobat and Reader. Successful exploitation of the vulnerability leads to the inadvertent leak of the user’s hashed NTLM password.

Affected Version

Acrobat DC 2019.008.20080 and earlier versions

Acrobat Reader DC 2019.008.20080 and earlier versions

Acrobat 2017 2017.011.30105 and earlier versions

Acrobat Reader 2017 2017.011.30105 and earlier versions

Acrobat DC 2015.006.30456 and earlier versions

Acrobat Reader DC 2015.006.30456 and earlier versions

Fixed Versions

Acrobat DC 2019.008.20080 and earlier versions

Acrobat Reader DC 2019.008.20080 and earlier versions

Acrobat 2017 2017.011.30105 and earlier versions

Acrobat Reader 2017 2017.011.30105 and earlier versions

Acrobat DC 2015.006.30456 and earlier versions

Acrobat Reader DC 2015.006.30456 and earlier versions

Vulnerability Details

CVE-2018-15979 – Information disclosure

APSB18-39 – Flash Player

The security updates address important vulnerability with Adobe Flash Player 31.0.0.122 and earlier versions. An attacker could exploit the vulnerability to steal sensitive information.

Affected Version

Adobe Flash Player Desktop Runtime 31.0.0.122 and earlier versions

Adobe Flash Player for Google Chrome 31.0.0.122 and earlier versionsChrome OS

Adobe Flash Player for Edge and IE 11 31.0.0.122 and earlier versions

Fixed Versions

Adobe Flash Player Desktop Runtime 31.0.0.148 Windows, macOS

Adobe Flash Player for Google Chrome 31.0.0.148 Windows, macOS, Linux, and Chrome OS

Adobe Flash Player for Edge and IE 11 31.0.0.148 Windows 10 and 8.1

Adobe Flash Player Desktop Runtime 31.0.0.148 Linux

Vulnerability Details

CVE-2018-15978 – Information disclosure.

With the October update, Adobe fixed 86 Vulnerabilities Fixed with Adobe Security Updates for Adobe Acrobat and Reader

Website

Latest articles

Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes.The...

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles