Adobe issued a mild batch of Patch Tuesday security update for April covering three products with all vulnerabilities being rated as important.

ColdFusion 2016 and 2018 received patches for CVE-2020-3767, an insufficient input validation issue that can lead to an application-level DoS situation;  CVE-2020-3768 is a DLL search-order hijacking problem that can lead to Privilege escalation and CVE-2020-3796 is an improper access control issue potentially leading to a system file structure disclosure.

The update for Adobe After Effects version 17.0.6 for Windows and macOS saw CVE-2020-3809 being issued to fix an out-of-bounds read vulnerability that if exploited could lead to information disclosure.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.