Skip to main content

Adobe Monthly Security Update (November 2024)

Release Date: 13 Nov 2024 3094 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe BridgeMedium Risk Medium RiskInformation Disclosure
Denial of Service
 APSB24-77
Adobe AuditionMedium Risk Medium RiskInformation Disclosure APSB24-83
Adobe After EffectsMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB24-85
Substance 3D PainterMedium Risk Medium RiskRemote Code Execution
Information Disclosure
Denial of Service
 APSB24-86
Adobe IllustratorMedium Risk Medium RiskRemote Code Execution
Information Disclosure
Denial of Service
 APSB24-87
Adobe InDesignMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB24-88
Adobe PhotoshopMedium Risk Medium RiskRemote Code Execution APSB24-89
Adobe CommerceMedium Risk Medium RiskRemote Code Execution APSB24-90

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 8

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Remote Code Execution
  • Information Disclosure
  • Denial of Service

System / Technologies affected

  • Adobe Bridge  13.0.9 and earlier versions
  • Adobe Bridge  14.1.2 and earlier versions
  • Adobe Audition 24.4.6 and earlier versions
  • Adobe Audition 23.6.9 and earlier versions
  • Adobe After Effects 24.6.2 and earlier versions
  • Adobe After Effects 23.6.9 and earlier versions
  • Adobe Substance 3D Painter 10.1.0 and earlier versions
  • Illustrator 2024 28.7.1 and earlier versions
  • Adobe InDesign ID19.5 and earlier versions
  • Adobe InDesign ID18.5.3 and earlier versions
  • Adobe InDesign ID18.5.2 and earlier versions
  • Photoshop 2023 24.7.3 and earlier versions
  • Photoshop 2024 25.11 and earlier versions
  • Adobe Commerce and Magento Open Source powered by Commerce Services and deployed as SaaS (software as a service). (Commerce Services Connector) 3.2.5 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.

Vulnerability Identifier


Source


Related Link