Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in Framemaker, Acrobat and Reader, Flash Player, Digital Editions and Experience Manager products.
Most of the vulnerabilities (21) affect the Windows version of the Framemaker document processor. The most severe issues are classified as critical buffer overflow, heap overflow, out-of-bounds write, and memory
The flaws were reported to the company through Trend Micro’s Zero Day Initiative by the researcher who goes online with the moniker “Kdot”.
Adobe also addressed a total of 17 flaws in the Windows and macOS versions of its Acrobat and Reader products.
The IT firm addressed critical memory corruption issues that can be exploited by attackers to execute arbitrary code on vulnerable systems, and critical privilege escalation bugs that can allow an attacker to write arbitrary files to the system. The remaining flaws in Acrobat and Reader products have been rated as
The flaws were reported to Adobe by independent experts and researchers from Qihoo 360, Tencent, Renmin University of China, Cisco Talos, the Chinese Academy of Sciences, Baidu, and McAfee.
Adobe addressed a new critical arbitrary code execution flaw in Flash Player,
Adobe has also addressed two vulnerabilities in Digital Editions, including a critical command injection bug and an important information disclosure vulnerability.
The IT giant also fixed an important denial-of-service (
Adobe confirmed that it’s not aware of any attacks exploiting these vulnerabilities in the wild
(SecurityAffairs – Adobe, Patch Tuesday)