Improper Restriction of XML External Entity Reference The latest Adobe ColdFusion version number is now: 2016 Release Update 5 and v11 Update 13. These updates address a critical XML parsing vulnerability (CVE-2017-11286), an important cross-site scripting vulnerability (CVE-2017-11285) that could lead to information disclosure and a mitigation for unsafe Java deserialization that could result in remote code execution (CVE-2017-11283, CVE-2017-11284).
Vulnerability CategoryĪPSB17-30 Security updates available for ColdFusionĪdobe has released security updates for ColdFusion version 11 and the 2016 release. The latest Adobe Flash Player version number is now: 27.0.0.130. These updates address two critical memory corruption vulnerabilities that could lead to code execution. Adobe Security Update Summary: APSB17-28 Security updates available for Adobe Flash PlayerĪdobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS.
The company did not receive reports of public exploits or in-the-wild attacks for any of the patched issues, but that doesn't mean system administrators can skip this month's security updates. In total, Adobe patched eight security bugs - two in Flash Player, four in ColdFusion, and two in RoboHelp. Adobe just released its monthly security updates and this month the company patched vulnerabilities in three products - Adobe Flash Player, Adobe ColdFusion, and Adobe RoboHelp, the company's lesser known help authoring tool (HAT), used for the creation of online or offline documentation and help files.
0 kommentar(er)
