Patch/Configuration Management, Vulnerability Management

Adobe’s July Patch Tuesday includes Bridge CC, Experience Manager, Dreamweaver fixes

Adobe’s July 2019 Patch Tuesday included updates for its Adobe Bridge CC , Adobe Experience Manager and Adobe Dreamweaver products.

The updates for Experience Manager patched three vulnerabilities, while Bridge and Dreamweaver updates each have one, none of which are labeled as “critical,” and the highest rated vulnerability for each software is rated “important,” according to a July 9 Security Bulletin.

"Experience Manager resolved three vulnerabilities including one Moderate and two Important," Chris Goettl, Ivanti's director of product management, security, told SC Media. "Flash Player did not include CVEs by the looks of it."

The Adobe Bridge CC update addresses a vulnerability rated “important” that occurs when parsing malformed SVG images and can result in an out-of-bounds memory read which leads to information (memory address) disclosure in the context of current user.

The Adobe Experience Manager updates include one reflected cross-site scripting vulnerability rated “moderate,” one stored cross-site scripting vulnerability rated “important,” and one cross-site request forgery vulnerability rated “Important” that could result in sensitive information disclosure.

The Adobe Dreamweaver updates address an insecure library loading vulnerability in the installer rated “important” that could lead to privilege escalation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.