Over 60 security flaws have been resolved by Adobe across its product offerings as part of this month's Patch Tuesday, SecurityWeek reports.
Aside from addressing at least one high-severity code execution vulnerability in Substance 3D products, including Painter, Viewer, Sampler, Modeler, and Stager, Adobe has also patched a quarter of critical flaws in Magento and Commerce, which could be leveraged to enable denial-of-service conditions, privilege escalation, and arbitrary file system read. Almost 20 critical flaws allowing arbitrary code execution have also been addressed in InCopy and InDesign, while fixes have also been issued for a trio of code execution issues and a DoS bug in Illustrator, as well as critical arbitrary code execution and memory leak flaws in Animate. Other patched vulnerabilities include a critical Photoshop code execution flaw and a Dimension memory leak defect. All of the flaws have not yet been leveraged in attacks, with active exploitation highly unlikely, according to Adobe.
Aside from addressing at least one high-severity code execution vulnerability in Substance 3D products, including Painter, Viewer, Sampler, Modeler, and Stager, Adobe has also patched a quarter of critical flaws in Magento and Commerce, which could be leveraged to enable denial-of-service conditions, privilege escalation, and arbitrary file system read. Almost 20 critical flaws allowing arbitrary code execution have also been addressed in InCopy and InDesign, while fixes have also been issued for a trio of code execution issues and a DoS bug in Illustrator, as well as critical arbitrary code execution and memory leak flaws in Animate. Other patched vulnerabilities include a critical Photoshop code execution flaw and a Dimension memory leak defect. All of the flaws have not yet been leveraged in attacks, with active exploitation highly unlikely, according to Adobe.
