In addition to the critical bugs, Adobe also patched 43 out-of-bounds read flaws, four integer overflow problems and two security bypass issues, all of which could allow information disclosure. Adobe also patched three other critical-rated issues that could lead to privilege escalation these are all security bypass problems. The arbitrary code-execution problems include: two buffer errors two untrusted pointer dereference glitches three heap-overflow issues, five out-of-bounds write flaws, 24 use-after-free bugs. The addressed critical vulnerabilities are myriad this month. That’s a use-after-free flaw enabling arbitrary code-execution in Flash. The scheduled update comes less than a week after Adobe released several out-of-band fixes for Flash Player, including a critical vulnerability (CVE-2018-15982) that it said is being exploited in the wild. Adobe has patched 87 vulnerabilities for Acrobat and Reader in its December Patch Tuesday update, including a slew of critical flaws that would allow arbitrary code-execution.
0 Comments
Leave a Reply. |