09 December 20, 12:56
Quote:Adobe Systems has stomped out critical-severity flaws across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications. If exploited, the serious vulnerabilities could lead to arbitrary code execution.
Overall, Adobe issued patches for flaws tied to one important-rated and three critical-severity CVEs, during its regularly scheduled December security updates. The updates follow the company’s November patches, where the company fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services; all of which could be exploited to execute arbitrary code on affected products.
“Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates,” according to Adobe’s Tuesday security update.
This month’s Adobe patch roundup included a critical cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM), the company’s content-management solution for building websites, mobile apps and forms. If exploited, the vulnerability (CVE-2020-24445) could allow a bad actor to execute arbitrary JavaScript on the victim’s browser.
Read more: https://threatpost.com/adobe-windows-mac...ws/162007/