Patch/Configuration Management, Vulnerability Management

Patch Tuesday: Adobe releases hotfixes to four patch bugs

Adobe Experience Manager received a hotfix to patch four “important” vulnerabilities that could allow cross scripting attacks, disclose audit log events to unprivileged users, and lead to information disclosure.

Versions 6.2, 6.1, 6.0, and 5.61 on the Windows, Unix, Linux and OS X platforms are affected, according to an Aug. 9 security bulletin.

Two of the vulnerabilities, CVE-2016-4170 and CVE-2016-4253, affected version 6.2 and earlier, while CVE-2016-4168 affected versions 6.1 and earlier and CVE-2016-4169 affected all but version 5.6.1.

All of the vulnerabilities are have a priority rating of "2" and, if exploited, could allow an attacker to compromise data security, access to confidential data, or compromise processing resources in a user's computer, according to Adobe's severity ratings.

Users with on-premise deployments should install the available hotfixes and review and implement the steps outlined in the Adobe's Security Checklists.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.