Adobe’s Animate, Illustrator, Media Encoder and Bridge apps have fixed a total of 11 vulnerabilities.
The company says that it is not aware of any attacks that exploit such vulnerabilities and that they are unlikely to be used for malicious purposes, based on the priority given to the defects–they have all earned priorities of 3.
The latest version of Illustrator CC 2019 for Windows and macOS addresses two vulnerabilities to crucial memory corruption which can be used to execute remote code in the current user context. It also addresses a significant DLL hijacking defect that can lead to increased privilege.
The latest version of the Windows and macOS media encoder patches a crucial out – of-bounds write bug, which can be used for the execution of arbitrary code, and four out – of-bound read servers that may result in the disclosure of information.
In Bridge CC, Adobe patched two big memory bugs that could lead to disclosure of information, whereas in Animate CC 2019 a DLL hijacking problem has been resolved that can lead to privilege increases.
Independent researchers and experts representing NSFOCUS, Qihoo 360 and Fortinet reported the vulnerabilities patched this week to Adobe.