Adobe addresses two critical vulnerabilities in Photoshop

Click the icon to Follow me:- twitterTelegramRedditDiscord

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code.

Adobe has released two buffer overflow issues, tracked CVE-2021-28548 and CVE-2021-28549, that could lead to arbitrary code execution. Both issues were reported by guoxi of venustech ADLab. Affected Versions are:

Product Affected version Platform
Photoshop 2020 21.2.6 and earlier versions Windows and macOS 
Photoshop 2021 22.3 and earlier versions      Windows and macOS

The tech giant also addressed four ‘Critical’ code execution flaws and two vulnerabilities rated as ‘Important’ in the Adobe Bridge.

In the following table are reported vulnerability details:

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Out-of-bounds read Information Disclosure Important CVE-2021-21091
Improper Authorization Privilege Escalation Important CVE-2021-21096
Memory Corruption Arbitrary code execution    Critical   CVE-2021-21093CVE-2021-21092
Out-of-bounds write Arbitrary code execution Critical CVE-2021-21094CVE-2021-21095

The issues were reported by Francis Provencher from Trend Micro Zero Day Initiative (CVE-2021-21091, CVE-2021-21092, CVE-2021-21093, CVE-2021-21094), Tran Van Khang – khangkito (VinCSS) CVE-2021-21095), and ikth working with Trend Micro Zero Day Initiative (CVE-2021-21096).

Adobe also fixed a critical Privilege Escalation vulnerability in Adobe Digital Editions for macOS, tracked as CVE-2021-21100, and an Important Privilege Escalation vulnerability in RoboHelp, tracked as CVE-2021-21070.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Photoshop)

The post Adobe addresses two critical vulnerabilities in Photoshop appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source
Available for Amazon Prime