Tag: Adobe

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
News

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

A serious actively exploited security hole in Acrobat and Reader is patched in Adobe's Patch Tuesday release for September 2023, which might allow an attacker to run malicious code on unprotected PCs. The affected versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, and Acrobat Reader 2020 for Windows and macOS are tracked as CVE-2023-26369 and have a CVSS severity rating of 7.8. Successfully exploiting the flaw, which is known as an out-of-bounds write, could result in code execution when a specifically created PDF document is opened. Adobe withheld any further information regarding the problem or the involved targeting read more Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability. Stay informed with the best cybersecurity news and raise your cybersecur...
Critical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog
News

Critical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog

Based on proof of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a major security issue in Adobe ColdFusion to its list of known exploited vulnerabilities (KEV). A deserialization flaw in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (Update 5 and earlier) could lead to arbitrary code execution in the context of the current user without requiring any interaction. This vulnerability is categorised as CVE-2023-26359 (CVSS score: 9.8). Dererialization, also known as unmarshaling, is the act of putting an object or data structure back together from a byte stream. However, if it's carried out without first verifying the source or cleaning its contents, it may have unanticipated effects like read more Critical Adobe Cold...