CVE-2022-28839 An out-of-bounds write vulnerability is in Adobe Bridge version 12.0.1. This could lead to arbitrary code execution in the context of the current user.

An attacker could leverage this out-of-bounds write vulnerability to execute code in the context of the current user. Adobe recommends administrators review the application controls to verify they are in place. In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections. CVE-ID CVE-2018-4878 An integer out-of-bounds write vulnerability was identified that is tracked as CVE-ID CVE-2018-4878. Exploitation of this issue requires user interaction. In addition,elia

Adobe is aware of reports that this issue may occur if users receive a malicious link in an email. CVE-ID CVE-2018-4879 A use-after-free vulnerability was identified that is tracked as CVE-ID CVE-2018-4879. Exploitation of this issue requires user interaction. In addition,elia

An information disclosure vulnerability was identified that is tracked as CVE-ID CVE-2018-4880. In order to exploit this issue, an attacker would first have to convince a user to open a malicious file.

Adobe is aware of reports that this issue may occur in

Acrobat Reader DC, Acrobat XI Pro (Windows and macOS), Acrobat DC Continuous and Acrobat DC Classic.
CVE-ID CVE-2018-4881 A use-after-free vulnerability was identified that is tracked as CVE-ID CVE-2018-4881. Exploitation of this issue requires user interaction. In addition,elia

An integer overflow vulnerability was identified that is tracked as CVE-ID CVE-2018-4882. Exploitation of this issue requires user interaction. In addition,elia


Adobe recommends administrators review the application controls to verify they are in place.
In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections.

Adobe is aware of reported issues and actively working on them

Adobe is aware of reports that this issue may occur if users receive a malicious link in an email. We recommend administrators review the application controls to verify they are in place. In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections. Adobe is actively working on these issues and will provide an update as soon as possible.

Timeline

Published on: 06/15/2022 20:15:00 UTC
Last modified on: 06/25/2022 01:49:00 UTC

References