Adobe's first major security update team in 2021 fixes seven critical bugs that could lead to arbitrary code execution.
On Tuesday, the giant company released separate security advisories that describe the vulnerabilities it solved in seven products. The affected software are Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate and Campaign Classic.
The first security fix has been applied to Photoshop image creation software on Windows computers and MacOS. Critical buffer overflow error (CVE-2021-21006) can be used to cause arbitrary code execution.
Adobe Illustrator, on Windows computers, is the subject of its second patch company. The critical error, CVE-2021-21007, is described as an uncontrolled "search path element" error that can also lead to code execution.
The third critical problem, discovered in Adobe Animate on Windows computers, is the same security flaw as above and has the same concequenses. This vulnerability is referred to as CVE-2021-21008.
Adobe Bridge, which is used to transfer and switch content between different formats software As between Photoshop and Lightroom Is subject to correction for CVE-2021-21012 and CVE-2021-21013, leading to arbitrary code execution.
Another uncontrolled "search path element" vulnerability was found in Adobe InCopy, referred to as CVE-2021-21010. And this error can used for malicious code execution.
In Adobe Campaign Classic, on Windows and Linux computers, the company encountered a critical flaw in CVE-2021-21009 SSRF which can be utilized for the purpose of revealing sensitive information.
A hotfix has also been issued for CVE-2021-21011, an uncontrolled search path element element that is considered to be significant and found in Adobe Captivate-based versions of Windows. If exploited, the vulnerability could lead to escalation of privileges.
Users are advised to receive automatic updates, where required, to update their devices and stay protected.
Source of information: zdnet.com
Greek
Chinese (Simplified)
English
Russian