SecurityWeek reports that Adobe has fixed hundreds of flaws impacting several of its offerings, including code execution vulnerabilities in Acrobat Reader and Adobe Commerce, as part of this month's Patch Tuesday.
Adobe Acrobat for Windows and macOS is affected by 10 security issues, four of which are high-severity bugs that could be leveraged to enable arbitrary code execution, memory exposure, application denial-of-service, and security feature circumvention, according to Adobe, which has not observed in-the-wild exploitation of such defects. Five similar vulnerabilities have been observed in Adobe Commerce. Also addressed by Adobe were a pair of InCopy flaws, which could also be abused in code execution intrusions. Adobe has also fixed 225 vulnerabilities in Adobe Experience Manager, some of which could be exploited to facilitate privilege escalation, arbitrary code execution, and security feature bypass. Immediate application of issued patches has been recommended by Adobe.
Adobe Acrobat for Windows and macOS is affected by 10 security issues, four of which are high-severity bugs that could be leveraged to enable arbitrary code execution, memory exposure, application denial-of-service, and security feature circumvention, according to Adobe, which has not observed in-the-wild exploitation of such defects. Five similar vulnerabilities have been observed in Adobe Commerce. Also addressed by Adobe were a pair of InCopy flaws, which could also be abused in code execution intrusions. Adobe has also fixed 225 vulnerabilities in Adobe Experience Manager, some of which could be exploited to facilitate privilege escalation, arbitrary code execution, and security feature bypass. Immediate application of issued patches has been recommended by Adobe.
