Adobe have released updated versions of Adobe InDesign for Windows and Macintosh. The new update resolves a critical memory corruption vulnerability (CVE-2018-4928) that could be abused to execute code remotely. The vulnerability is caused by unsafe parsing of a malformed .inx file. The update also fixes an untrusted search path vulnerability (CVE-2018-4927) in the InDesign installer. This vulnerability is categorized as important.
Affected versions:
- Adobe InDesign earlier than 13.1
More information can be read from Adobe's security bulletin.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment