Patch Tuesday
Patch Tuesday

Adobe issued a light Patch Tuesday bulletin today covering three vulnerabilities in Flash Player and three in Adobe Connect for Windows.

The company's Flash Player announcement in Adobe Security Bulletin APSB17-21 covered CVE-2017-3080, CVE-2017-3099, rated critical, and CVE-2017-3100 for Windows, Macintosh, Linux and Chrome, which if left unpatched, respectively, could lead to information disclosure, remote code execution and memory address disclosure.

The Adobe Connect vulnerabilities listed in APSB17-22 are for version 9.6.1 and earlier on the Windows platform. These include CVE-2017-3101, with a moderate severity rating, CVE-2017-3102 and CVE-2017-3103, both rated as important.

If left unpatched CVE-2017-3101 could lead to clickjacking attacks, while exploiting the other two flaws could lead to cross-site scripting attacks.