Adobe, this Tuesday as always released its security updates October 2018 monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 4 advisories with 16 vulnerabilities, with 4 of them rated critical, 10 are rated important and 2 as moderate in severity. These vulnerabilities impact Adobe Technical Communications Suite, Adobe Framemaker, Adobe Experience Manager, Adobe Digital Editions and Adobe Flash Player.
Adobe Digital Edition
The update resolves critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user and Information disclosure.
Adobe Experience Manager
These updates resolve two reflected cross-site scripting vulnerabilities rated Moderate, and three stored cross-site scripting vulnerabilities rated Important that could result in sensitive information disclosure.
Adobe Framemaker
The update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation.
Adobe Technical Communications Suite
The update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation.
Adobe Flash Player
A record 292 vulnerabilities were found in the Flash player, Guinness has registered the record … Totally kidding by the way, no security releases for Flash Player! yes, well that should be registered. Adobe issued some performance and feature updates for Flash.
Affected products
- Adobe Technical Communications Suite
- Adobe Framemaker
- Adobe Experience Manager
- Adobe Digital Editions
Adobe Security Bulletin summary for October 2018
Product : Adobe Digital Edition
CVE’s/Advisory : APSB18-27, CVE-2018-12813, CVE-2018-12814, CVE-2018-12823, CVE-2018-12816, CVE-2018-12818, CVE-2018-12819, CVE-2018-12820, CVE-2018-12821, CVE-2018-12822
Severity : Critical
Impact : Arbitrary Code Execution, Information Disclosure
Product : Adobe Experience Manager
CVE’s/Advisory : APSB18-36, CVE-2018-15969, CVE-2018-15970, CVE-2018-15971, CVE-2018-15972, CVE-2018-15973
Severity : Important
Impact : Sensitive Information disclosure
Product : Adobe Framemaker
CVE’s/Advisory : APSB18-37, CVE-2018-15974
Severity : Important
Impact : Privilege Escalation
Product : Adobe Technical Communications Suite
CVE’s/Advisory : APSB18-38, CVE-2018-15976
Severity : Important
Impact : Privilege Escalation
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.