Adobe patched four critical flaws in Flash Player and Framemaker. Vulnerabilities, if exploited, might allow arbitrary code execution.
Two bugs in Adobe Framemaker (CVE-2020-9634,
CVE-2020-9635) were found by Francis Provencher at Trend Micro’s ZDI (Zero Day
Initiative). CVE-2020-9634 is related to the GIF files parsing, CVE-2020-9635 –
to PDF files parsing.
Another critical bug patched by Adobe (CVE-2020-9636)
originates from memory corruption and can cause huge impact from program crash
to remote code execution.
As for Adobe Flash Player, discovered critical
flaw (CVE-2020-9633) might lead to the code execution.
Additionally, Adobe did patch few important
flaws including XSS, server-side request forgery glitches etc.
Updates are available.
No comments:
Post a Comment