Adobe June Patch Tuesday updates at the moment are out with quite a few safety fixes. This month, Adobe addressed quite a few important vulnerabilities in Adobe Flash Participant, Adobe Marketing campaign, and Adobe ColdFusion. This month’s updates embody comparatively lesser vulnerability fixes as in comparison with the Adobe May updates.
Important Flaws Fastened With Adobe June Patch Tuesday
The Adobe June Patch Tuesday updates have addressed quite a few important vulnerabilities in Adobe ColdFusion, Adobe Marketing campaign, and Adobe Flash Participant.
Adobe has patched three totally different important vulnerabilities in ColdFusion. As described in Adobe’s advisory, the issues may enable arbitrary code execution upon exploit. Reportedly, the issues embody a file extension blacklist bypass (CVE-2019-7838), command injection vulnerability (CVE-2019-7839), and deserialization of untrusted information (CVE-2019-7840).
These vulnerabilities caught Adobe’s consideration after totally different researchers reported them to the distributors. The merchandise affected by these vulnerabilities embody ColdFusion 2018 (Replace three and prior), ColdFusion 2016 (Replace 10 and earlier variations), and ColdFusion 11 (Replace 18 and earlier than). Adobe has mounted the issues with the discharge of ColdFusion 2018 (Replace 4), ColdFusion 2016 (Replace 11), and ColdFusion 11 (Replace 19) respectively.
In one other advisory, Adobe confirmed the patch for a important command injection vulnerability (CVE-2019-7850) in Adobe Marketing campaign Traditional. Adobe additionally launched a repair for a important use after free vulnerability (CVE-2019-7845) affecting Adobe Flash Participant. Each these flaws CVE-2019-7850 and CVE-2019-7845 may enable arbitrary code execution upon exploit.
Different Vulnerabilities Affecting Adobe Marketing campaign
Aside from the important vulnerability, there have been additionally quite a few different vulnerabilities in Adobe Marketing campaign, for which, Adobe has launched patches. As acknowledged within the advisory, the updates tackle three essential safety vulnerabilities and three average severity flaws that affected Adobe Marketing campaign Traditional variations 18.10.5-8984 and earlier.
The essential severity vulnerabilities embody inadequate enter validation (CVE-2019-7843) and delicate information in supply code (CVE-2019-7849) that would end in data disclosure. Furthermore, one other essential flaw CVE-2019-7847 may end in arbitrary learn entry to the file system.
Whereas, the three average severity flaws embody data publicity by means of an error message (CVE-2019-7941), improper error dealing with (CVE-2019-7846), and insufficient entry management (CVE-2019-7848). All three of those may end in data disclosure upon exploit.
Adobe has mounted all safety vulnerabilities with the discharge of Adobe Marketing campaign model 19.1.1-9026.
Take your time to touch upon this text.
