Security Advisory

Adobe Family September 2024 Routine Security Update Advisory

  • Sep 12 2024

Overview

 

Adobe(https://adobe.com) has released a security update that addresses a vulnerability in its supplied products. users of affected systems are advised to update to the latest version.

 

Affected Products

 

Adobe Media Encoder 24.5 or below version

Adobe Media Encoder 23.6.8 or below version

Adobe Audition 24.4.1 or below version

Adobe Audition 23.6.6 or below version

Adobe After Effects 24.5 or below version

Adobe After Effects 23.6.6 or below version

Adobe Premiere Pro 24.5 or below version

Adobe Premiere Pro 23.6.8 or below version

Illustrator 2024 28.6 or below version

Illustrator 2023 27.9.5 or below version

Acrobat DC continuous

Acrobat Reader DC continuous

Acrobat 2024 classic 2024

Acrobat 2020 classic 2020

Acrobat Reader 2020 classic 2020

ColdFusion 2023 update 9 or below version

ColdFusion 2021 update 15 or below version

Photoshop 2023 24.7.4 or below version

Photoshop 2024 25.11 or below version

 

Resolved Vulnerabilities

 

Arbitrary code execution vulnerability due to an out-of-bounds write to memory in Adobe Media Encoder (CVE-2024-39377)

Arbitrary code execution vulnerability due to an out-of-bounds read in memory in Adobe Media Encoder (CVE-2024-41871)

Memory leak vulnerability due to an out-of-bounds read of memory in Adobe Media Encoder (CVE-2024-41870)

Memory leak vulnerability due to an out-of-bounds read in memory in Adobe Media Encoder (CVE-2024-41872)

Memory leak vulnerability due to an out-of-bounds read in memory in Adobe Media Encoder (CVE-2024-41873)

Arbitrary code execution vulnerability due to an out-of-bounds write to memory in Adobe Audition (CVE-2024-39378)

Memory leak vulnerability due to an out-of-bounds read in memory in Adobe Audition (CVE-2024-41868)

Arbitrary code execution vulnerability due to a heap memory-based buffer overflow in Adobe After Effects (CVE-2024-39380)

Arbitrary code execution vulnerability due to an out-of-bounds write to memory in Adobe After Effects (CVE-2024-39381)

Arbitrary code execution vulnerability due to out-of-bounds writes in memory in Adobe After Effects (CVE-2024-41859)

Arbitrary file write vulnerability due to a stack-based buffer overflow in Adobe After Effects (CVE-2024-41867)

Memory leak vulnerability due to an out-of-bounds read of memory in Adobe After Effects (CVE-2024-39382)

Arbitrary code execution vulnerability due to an out-of-bounds write to memory in Adobe Premiere Pro (CVE-2024-39384)

Memory leak vulnerability due to unbounded use of memory (UAF) in Adobe Premiere Pro (CVE-2024-39385)

Arbitrary code execution vulnerability due to integer underflow (wrap or wraparound) in Illustrator 2024 (CVE-2024-41857)

Arbitrary code execution vulnerability due to integer overflow in Illustrator 2024 (CVE-2024-34121)

Arbitrary code execution vulnerability due to lack of input validation in Illustrator 2024 (CVE-2024-41856)

Arbitrary code execution vulnerability due to unchecked memory usage (UAF) in Illustrator 2024 (CVE-2024-43758)

Memory leak vulnerability due to an out-of-bounds read of memory in Illustrator 2024 (CVE-2024-45111)

Application denial of service vulnerability due to a null pointer reference in Illustrator 2024 (CVE-2024-43759)

Arbitrary code execution vulnerability due to use of freed memory (UAF) in Acrobat DC (CVE-2024-41869)

Arbitrary code execution vulnerability due to access of resource using incompatible type (‘type confusion’) in Acrobat DC (CVE-2024-45112)

Arbitrary code execution vulnerability due to untrusted data deserialization in ColdFusion 2023 (CVE-2024-41874)

Arbitrary code execution vulnerability due to a heap memory-based buffer overflow in Photoshop 2023 (CVE-2024-43756)

Arbitrary code execution vulnerability due to an out-of-bounds write to memory in Photoshop 2023 (CVE-2024-43760)

Arbitrary code execution vulnerability due to out-of-bounds writes to memory in Photoshop 2023 (CVE-2024-45108)

Arbitrary code execution vulnerability due to out-of-bounds writes in memory in Photoshop 2023 (CVE-2024-45109)

Memory leak vulnerability due to an out-of-bounds read in memory in Photoshop 2023 (CVE-2024-45110)

 

Vulnerability Patches

 

The following product-specific vulnerability patches were made available in the 09/10/2024 update.

Adobe Media Encoder 23.6.9

Check Adobe Referenced Sites below

Adobe Audition 23.6.9

Download Center

Adobe After Effects 23.6.9

Download Center

Adobe Premiere Pro 23.6.9

Download Center

Illustrator 2023 27.9.6

Download Page

Acrobat DC Continuous

Acrobat Reader DC Continuous

Acrobat Reader DC Continuous

Acrobat 2024 Classic 2024

Acrobat 2024 Classic 2024

Acrobat 2020 Classic 2020

Acrobat Reader 2020 Classic 2020

ColdFusion 2021 Update 16

Tech Note

Photoshop 2023 24.7.5

Check Adobe Referenced Sites below

Photoshop 2024 25.12

See Adobe Referenced Sites below

 

Referenced Sites

 

Security Bulletins and Advisories

https://helpx.adobe.com/security.html/security/security-bulletin.ug.html

APSB24-53 : Security update available for Adobe Media Encoder

https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html

APSB24-54 : Security update available for Adobe Audition

https://helpx.adobe.com/security/products/audition/apsb24-54.html

APSB24-55 : Security update available for Adobe After Effects

https://helpx.adobe.com/security/products/after_effects/apsb24-55.html

APSB24-58 : Security update available for Adobe Premiere Pro

https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html

APSB24-66 : Security update available for Adobe Illustrator

https://helpx.adobe.com/security/products/illustrator/apsb24-66.html

APSB24-70 : Security update available for Adobe Acrobat Reader

https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

APSB24-71 : Security update available for Adobe ColdFusion

https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html

APSB24-72 : Security update available for Adobe Photoshop

https://helpx.adobe.com/security/products/photoshop/apsb24-72.html

APSB24-70 : Security update available for Adobe Acrobat Reader

https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

APSB24-55 : Security update available for Adobe After Effects

https://helpx.adobe.com/security/products/after_effects/apsb24-55.html

APSB24-54 : Security update available for Adobe Audition

https://helpx.adobe.com/security/products/audition/apsb24-54.html

APSB24-71 : Security update available for Adobe ColdFusion

https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html

APSB24-66 : Security update available for Adobe Illustrator

https://helpx.adobe.com/security/products/illustrator/apsb24-66.html

APSB24-72 : Security update available for Adobe Photoshop

https://helpx.adobe.com/security/products/photoshop/apsb24-72.html

APSB24-58 : Security update available for Adobe Premiere Pro

https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html

Tags:

Previous Post

Next Post