Adobe has released September 2018 safety land updates for a full of ten vulnerabilities inwards Flash Player in addition to ColdFusion, 6 of which are rated equally critical that affected ColdFusion in addition to could let attackers to remotely execute arbitrary code on a vulnerable server.
What's the adept intelligence this calendar month for Adobe users?
This calendar month Adobe Acrobat in addition to Reader applications did non have whatever land update, spell Adobe Flash Player has received an update for merely a unmarried privilege escalation vulnerability (CVE-2018-15967) rated equally important.
Secondly, Adobe said none of the safety vulnerabilities patched this calendar month were either publicly disclosed or constitute beingness actively exploited inwards the wild.
Total nine Security Patches for Adobe ColdFusion
Adobe has addressed a full of nine safety vulnerabilities inwards its ColdFusion spider web application evolution platform, 6 of which are critical, 2 of import in addition to i moderate.
According to the advisory released past times Adobe, ColdFusion contained 4 critical deserialization of untrusted information vulnerabilities (CVE-2018-15965, CVE-2018-15957, CVE-2018-15958, CVE-2018-15959) that could lawsuit inwards arbitrary code execution.
Out of the remaining 2 critical vulnerabilities addressed inwards ColdFusion, i is unrestricted file upload flaw (CVE-2018-15961) that could Pb to arbitrary code execution, in addition to the other (CVE-2018-15960) could enable arbitrary file overwrite.
The companionship has too released patches for 2 "important" safety vulnerabilities inwards ColdFusion--security bypass glitch (CVE-2018-15963) that allows arbitrary folder creation, in addition to directory listing flaw (CVE-2018-15962) that could enable information disclosure--and a moderate information disclosure põrnikas (CVE-2018-15964).
The vulnerabilities impact 2016 (Update 6 in addition to before versions) in addition to the July 12 (2018) loose of ColdFusion, along alongside ColdFusion xi (Update fourteen in addition to before versions).
Adobe recommends halt users in addition to administrators to update their installations to ColdFusion 2018 Update 1, ColdFusion 2016 Update 7, in addition to ColdFusion xi Update 15.
Adobe Also Patches An of import Flaw In Flash Player
Besides ColdFusion, Adobe too released a safety update for Flash Player for Windows, macOS, Linux, in addition to Chrome OS, addressing an "important" flaw inwards all for versions 30.0.0.154 in addition to before for Google Chrome, Desktop Runtime, Microsoft Edge in addition to Internet Explorer 11.
The number is a privilege escalation vulnerability (CVE-2018-15967) that could Pb to information disclosure. The companionship recommends Flash Player users to update to version 31.0.0.208 equally presently equally possible.