Adobe on Tuesday set patches for vulnerabilities in four of its products, including critical code implementation flaws affecting Photoshop and Bridge.
In Photoshop, the company fixed two disparaging buffer overflow bugs that can be exploited for arbitrary code approach in the context of the targeted user.
In its Bridge asset management software, Adobe became four critical vulnerabilities that can lead to code execution, listing two memory corruption issues and two out-of-bounds write issues.
The latest Bond updates also fix a couple of important-severity information disclosure and privilege escalation vulnerabilities. All of the safe keeping holes patched in Bridge were reported to Adobe through Trend Micro’s Zero Day Step (ZDI).
In the RoboHelp help authoring tool, Adobe addressed one privilege escalation vulnerability classified as “impressive.”
The latest updates for the macOS version of Adobe’s Digital Editions e-book presume from fixes a critical arbitrary file system write issue that can be utilized for privilege escalation.
Adobe says none of these vulnerabilities has been make capital out ofed in malicious attacks and, based on the priority rating assigned to them, the software leviathan does not expect them to be exploited in the future.
While a majority of the vulnerabilities base in Adobe products never actually become part of a threat actor’s attainment arsenal, some flaws do end up getting exploited in attacks. A recent exemplar is a Reader vulnerability patched in February, which the company said had been leveraged in narrow attacks targeting Windows users.
Related: Adobe Patches Perilous ColdFusion Security Flaw
Related: Adobe Patches Code Murder Flaws in Connect, Creative Cloud, Framemaker
Related: Hackers End Two Unpatched Flaws in Windows Adobe Type Manager Library
Cognate: Weak ACLs in Adobe ColdFusion Allow Privilege Escalation