Adobe security updates for Flash, ColdFusion, Campaign

Sicherheit[German]Adobe has released security updates for its Adobe Flash Player, ColdFusion and Campaign products effective June 11, 2019. Here is an overview of what is relevant.


Advertising

Update for Flash Player 32.0.0.207

>Adobe has released a maintenance and security update for the Flash Player, which upgrades it to version 32.0.0.207 and fixes several bugs. Security Bulletin APSB19-30 indicates the following Flash versions as vulnerable:

Product Version Platform
Adobe Flash Player Desktop Runtime 32.0.0.192 and earlier versions Windows, macOS, Linux
Adobe Flash Player for Google Chrome 32.0.0.192 and earlier versions Windows, Macintosh, Linux and Chrome OS
Adobe Flash Player for Microsoft Edge and Internet Explorer 11 32.0.0.192 and earlier versions Windows 10 and 8.1

Adobe Flash Player 32.0.0.207 is available for Windows, Macintosh, Linux and Chrome OS platforms. The download links can be found in Security Bulletin APSB19-30. How to check the Flash version is described in Update for Flash Player 32.0.0.171. The download addresses can also be found in this German user comment from this morning (thanks for that).

Microsoft Flash Update KB4503308

Microsoft has released the update KB4497932 (Flash Player Update) for Windows Server 2019, all versions of Windows 10, Windows Server Version 1803, Windows Server 2016 Version 1709, Windows RT/RT 8.1, Windows 8.1, Windows Server 2016 and Server 2012 R2/Windows Server 2012 as of June 11, 2019. The update can be found in the Microsoft Update Catalog here.

Adobe ColdFusion security update

Adobe has released an update to ColdFusion that addresses three critical vulnerabilities that could allow arbitrary code execution on vulnerable servers.

  • CVE-2019-7838: This vulnerability is exploitable only if the file uploads directory is web accessible.  
  • CVE-2019-7839: This vulnerability does not impact ColdFusion 11. 
  • CVE-2019-7840: Refer to the Tech Note for ColdFusion version for more information on mitigating this vulnerability

The following ColdFusion versions are affected:


Advertising

  • ColdFusion 2018 Update 3 and earlier versions
  • ColdFusion 2016 Update 10 and earlier versions
  • ColdFusion 11 Update 18 and earlier versions

Details may be found within Adobe Security Bulletin APSB19-27

Adobe Campaign security update

This security update fixes eight vulnerabilities in Adobe Campaign, as Bleeping Computer writes here. One of these vulnerabilities is considered critical because it can lead to arbitrary code execution. See Adobe Security Bulletin APSB19-28.


Advertising
This entry was posted in Security, Software, Update and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *