Your hacker Blog

Adobe addresses two critical vulnerabilities in Photoshop

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp.

Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code.

Adobe has released two buffer overflow issues, tracked CVE-2021-28548 and CVE-2021-28549, that could lead to arbitrary code execution. Both issues were reported by guoxi of venustech ADLab. Affected Versions are:

ProductAffected versionPlatformPhotoshop 202021.2.6 and earlier versionsWindows and macOS Photoshop 202122.3 and earlier versions     Windows and macOSThe tech giant also addressed four ‘Critical’ code execution flaws and two vulnerabilities rated as ‘Important’ in the Adobe Bridge.

In the following table are reported vulnerability details:

Vulnerability CategoryVulnerability ImpactSeverityCVE NumbersOut-of-bounds readInformation DisclosureImportantCVE-2021-21091Improper AuthorizationPrivilege EscalationImportantCVE-2021-21096Memory CorruptionArbitrary code execution   Critical  CVE-2021-21093CVE-2021-21092Out-of-bounds writeArbitrary code executionCriticalCVE-2021-21094CVE-2021-21095The issues were reported by Francis Provencher from Trend Micro Zero Day Initiative (CVE-2021-21091, CVE-2021-21092, CVE-2021-21093, CVE-2021-21094), Tran Van Khang – khangkito (VinCSS) CVE-2021-21095), and ikth working with Trend Micro Zero Day Initiative (CVE-2021-21096).

Adobe also fixed a critical Privilege Escalation vulnerability in Adobe Digital Editions for macOS, tracked as CVE-2021-21100, and an Important Privilege Escalation vulnerability in RoboHelp, tracked as CVE-2021-21070.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, Photoshop)

The post Adobe addresses two critical vulnerabilities in Photoshop appeared first on Security Affairs.