Adobe releases the security updates to fix Remote Code Execution/Arbitrary file deletion in multi products

by do son · Published · Updated

Remote Code Execution

On March 13, 2018, Adobe releases the security update to fix vulnerabilities in Adobe Flash Player, Adobe Connect, and Adobe Dreamweaver. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The detail is below:

  • Adobe Flash Player
    CVE-2018-4919 – Remote Code Execution
    CVE-2018-4920 – Remote Code Execution
    Affected version:
    28.0.0.161 and earlier versions
    Solusion
    Update to Adobe Flash Player 29.0.0.113
  • Adobe Connect
    CVE-2018-4923 – Arbitrary file deletion
    CVE-2018-4921 – Information disclosure
    Affected version:
    9.7 and earlier
    Solusion
    Update to Adobe Connect 9.7.5
  • Adobe Dreamweaver CC
    CVE-2018-4924 – Arbitrary Code Execution
    Affected version:
    18.0 and earlier versions
    Solusion
    Update to Adobe Dreamweaver CC 18.1

 

Tags: Remote Code Execution