Adobe has released an out-of-band security update for Adobe Media Encoder that addresses three ‘Important’ Information Disclosure flaws.
The three vulnerabilities could be exploited by an attacker to access sensitive information that is leaked in the security of the active user.
Adobe recommends users to install the security updates to prevent the exploitation of the above issued in attacks aimed at unpatched installs.
“Adobe has released an update for Media Encoder. This update resolves important out-of-bounds read vulnerabilities that could lead to information disclosure in the context of the current user.” reads the APSB20-57 Security bulletin.
Below the list of vulnerabilities fixed by adobe:
|Vulnerability Category||Vulnerability Impact||Severity||CVE Numbers|
|Out-of-Bounds Read||Information Disclosure||Important||CVE-2020-9739 CVE-2020-9744 CVE-2020-9745|
These vulnerabilities have been reported by Radu Motspan.
Users should install Media Encoder 14.4 to address the above issues.
Last week, Adobe has released security updates to address twelve critical vulnerabilities that could be exploited by attackers to execute arbitrary code on systems running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager.
(SecurityAffairs – hacking, out of band patch)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.