Adobe released new security updates for Adobe Acrobat applications, Reader and Lightroom that patch a total of twenty-six vulnerabilities across the three programs.
From vulnerabilities points, eleven are classified as "Critical" because they allow attackers to bypass security features or remotely execute code on vulnerable computers.
Remote code execution vulnerabilities are the most devastating, as they allow an attacker to run commands on affected computers without permission or the owner's knowledge.
If you use any of these products, it is strongly recommended that you upgrade to the latest versions as soon as possible.
APSB20-48 Security Updates for Adobe Acrobat and Reader
Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
---|---|---|---|
Disclosure of Sensitive Data | Memory Leak | Important | CVE-2020-9697 |
Security bypass | Privilege Escalation | Important | CVE-2020-9714 |
Out-of-bounds writing | Arbitrary Code Execution | Critical | CVE-2020-9693
CVE-2020-9694 |
Security bypass | Security feature bypass | Critical | CVE-2020-9696
CVE-2020-9712 |
Stack exhaustion | Denial-of-service application | Important | CVE-2020-9702
CVE-2020-9703 |
Out-of-bounds read | Information disclosure | Important | CVE-2020-9723
CVE-2020-9705 CVE-2020-9706 CVE-2020-9707 CVE-2020-9710 CVE-2020-9716 CVE-2020-9717 CVE-2020-9718 CVE-2020-9719 CVE-2020-9720 CVE-2020-9721 |
buffer error | Arbitrary Code Execution | Critical | CVE-2020-9698
CVE-2020-9699 CVE-2020-9700 CVE-2020-9701 CVE-2020-9704 |
Use-after-free | Arbitrary Code Execution | Critical | CVE-2020-9715
CVE-2020-9722
|
APSB20-51 Adobe Lightroom Security Updates
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Insecure Library Loading | privilege escalation | Important | CVE-2020-9724 |