Patch/Configuration Management, Vulnerability Management

Adobe releases third update in less than a month

Adobe today announced security updates for its vulnerabilities in its Experience Manager product that could result in sensitive information disclosure.

The updates address a Moderate rated reflected cross-site scripting vulnerability and an Important rated stored cross-site scripting vulnerability in Adobe Experience Manager version 6.0 through version 6.4 across all platforms, according to a Jan. 22 Security Bulletin.

Earlier this month Adobe issued a light patch Tuesday update to address vulnerabilities in Acrobat and Reader followed by important rated patches for  Adobe DigitalEditions and Adobe Connect as part of its normal patch Tuesday update.

The Digital Editions update addressed an out of bounds read that if left unpatched could lead to information disclosure while the Connect update addressed a session token exposure problem that can lead to the exposure of the privileges granted to a session.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.