Update Patch Tuesday patches fix several bugs in the Illustrator and Experience Manager software of Adobe, January 2020.
An update released for Windows’s Illustrator CC 2019 fixes five bugs which could lead to arbitrary code execution within the targeted user. Honggang Ren of Fortinet’s FortiGuard Laboratories identified the vulnerabilities to Adobe.
Although the weaknesses have been given a critical score, their priority level is 3, indicating that Adobe does not consider any of them in attacks to be exploited.
Adobe Experience Manager (AEM) updates patch four important and moderate vulnerabilities.
Important flaws can lead to sensitive information being disclosed by cross-site scripting (XSS) attacks or injection of expressive language. The moderate security hole is described as a user interface injection problem and can also lead to sensitive information being disclosed.
These vulnerabilities have a prior rating of 2, which shows that they will not be exploited in the wild in the coming weeks, at least.
Netcentric’s Lorenzo Pirondini was credited by Adobe to find one of the XSS flaws and the injection problem of the user interface.