技术控

    今日:117| 主题:49431
收藏本版 (1)
最新软件应用技术尽在掌握

[其他] Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash

[复制链接]
╭ァ你的眼里 发表于 2016-10-12 08:18:50
156 7

立即注册CoLaBug.com会员,免费获得投稿人的专业资料,享用更多功能,玩转个人品牌!

您需要 登录 才可以下载或查看,没有帐号?立即注册

x

Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash-1 (additional,corruption,published,execution,including)

Adobe patched 81 vulnerabilities across Acrobat, Reader, and Flash on Tuesday, including a handful of critical bugs that if exploited, could allow an attacker to take control of a system.
The lion’s share of vulnerabilities – 71 in total – exist in the company’s Acrobat and Reader platforms.
  According to a security bulletin published by the company on Tuesday, most of the Acrobat and Reader updates address memory corruption, use-after-free, and buffer overflow vulnerabilities – all which can lead to code execution – in the software. Two additional patches fix a bypass restriction on JavaScript API execution and a separate security bypass vulnerability that existed in the software. The update brings Acrobat DC and Reader DC to version 15.006.30243 and Acrobat XI and Reader XI to 11.0.18 on both Windows and Macintosh machines.
  The patches are the first for Reader and Acrobat sinceJuly, when Adobe addressed 38 issues in the software. This month’s fixes are the most updates the software was received sinceMay this year, when the company patched a staggering 93 vulnerabilities in Reader and Acrobat.
  Twelve vulnerabilities that affected Flash Player in Chrome, Microsoft Edge, IE 11, and Linux, were also resolved today. Like the Reader and Acrobat bugs, the majority of the patches – nine of the 12 – stem from memory corruption bugs. A Palo Alto Networks researcher who discovered eight bugs in Flash last month , Tao Yan a/k/a @Ga1ois, discovered four of the nine vulnerabilities, all memory corruption bugs, patched by Adobe on Tuesday. A security bypass vulnerability, a type confusion and use-after-free vulnerability that could lead to code execution were also fixed in Flash, according to Adobe.
  The 12 vulnerabilities in Flash marks a decrease fromlast month’s update, when Adobe patched 29 issues, most that could have led to code execution.
Adobe also took the opportunity on Tuesday to patch its Creative Cloud desktop application – an app that lets Adobe customers who subscribe to its Creative Cloud platform manage their apps and services. The update resolves an unquoted search path vulnerability in the app. Unquoted path vulnerabilities generally take advantage of the way software parses directory paths to execute code. In this case, if exploited, the vulnerability could have allowed access to resources in a parent path and subsequently, local privilege escalation, Adobe warned.
  Adobe says it’s not aware of any of the vulnerabilities being exploited in the wild but in a post to its Product Security Incident Response Team (PSIRT) Blog, encouraged users to update to the latest versions regardless.
友荐云推荐




上一篇:开始使用运行在 Linux 上的的 MongoDB on IBM Power Systems
下一篇:Debugging Titles: Part I
酷辣虫提示酷辣虫禁止发表任何与中华人民共和国法律有抵触的内容!所有内容由用户发布,并不代表酷辣虫的观点,酷辣虫无法对用户发布内容真实性提供任何的保证,请自行验证并承担风险与后果。如您有版权、违规等问题,请通过"联系我们"或"违规举报"告知我们处理。

bright112358 发表于 2016-10-12 10:22:46
看了这么多帖子,第一次看到这么经典的!
回复 支持 反对

使用道具 举报

陈发兴 发表于 2016-10-12 10:44:35
楼主,涨姿势呃。。。。。。
回复 支持 反对

使用道具 举报

枫林﹌晚霞 发表于 2016-10-13 08:52:39
屌丝和绿茶婊太多了,还是顶╭ァ你的眼里的帖子更有意义
回复 支持 反对

使用道具 举报

y1eyfegyjd6 发表于 2016-11-14 14:19:42
楼主呀,,,您太有才了。。。
回复 支持 反对

使用道具 举报

幸福国度 发表于 2016-11-15 08:15:33
灌,是一种美德。
回复 支持 反对

使用道具 举报

sffr6582 发表于 2016-11-19 10:21:36
你踩我的脚没事,可别踩我的鞋呀!
回复 支持 反对

使用道具 举报

myg 发表于 2016-11-20 08:54:55
帮顶个帖,攒人品,说不定我就会升职加薪、当上总经理、出任CEO、迎娶白富美、走上人生巅峰,嘿嘿,想想还有点小激动。
回复 支持 反对

使用道具 举报

*滑动验证:
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

我要投稿

推荐阅读

扫码访问 @iTTTTT瑞翔 的微博
回页顶回复上一篇下一篇回列表手机版
手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 )|网站地图 酷辣虫

© 2001-2016 Comsenz Inc. Design: Dean. DiscuzFans.

返回顶部 返回列表