Adobe’s Patch Tuesday security update included patches for vulnerabilities in four products, including four critical issues patched in Adobe Digital Editions, but none for the often fixed Flash Player.
The company has pushed out several out of band releases in the last month, including one on Oct. 1 cleaning up many critical problems with Acrobat and Reader.
The Adobe Digital Editions 4.5.9 release included the critical heap overflow vulnerabilities CVE-2018-12813, CVE-2018-12814 and CVE-2018-12815 along with the use after free CVE-2018-12822 all of which could lead to arbitrary code execution if exploited. In addition, an important-rated out of bounds read problem covered by CVE-2018-12816, CVE-2018-12818, CVE-2018-12819, CVE-2018-12820 and CVE-2018-12821 that could result in information disclosure was patched.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.