Refine your search
14 vulnerabilities found for Acrobat DC by Adobe
CERTFR-2024-AVI-1056
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30748 | ||
| Adobe | Acrobat DC | Adobe DC versions antérieures à 24.005.20320 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30748 | ||
| Adobe | Acrobat Reader DC | Adobe Reader DC versions antérieures à 24.005.20320 | ||
| Adobe | Acrobat | Acrobat 2024 versions antérieures à 24.001.30225 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30748",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe DC versions ant\u00e9rieures \u00e0 24.005.20320",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30748",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader DC versions ant\u00e9rieures \u00e0 24.005.20320",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2024 versions ant\u00e9rieures \u00e0 24.001.30225",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49532"
},
{
"name": "CVE-2024-49530",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49530"
},
{
"name": "CVE-2024-49531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49531"
},
{
"name": "CVE-2024-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49535"
},
{
"name": "CVE-2024-49534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49534"
},
{
"name": "CVE-2024-49533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49533"
}
],
"initial_release_date": "2024-12-11T00:00:00",
"last_revision_date": "2024-12-11T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1056",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": "2024-12-10",
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-92",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
]
}
CERTFR-2024-AVI-0764
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | ColdFusion | ColdFusion 2021 versions antérieures à Update 16 | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 24.003.20112 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 24.003.20112 | ||
| Adobe | Acrobat | Acrobat 2024 versions antérieures à 24.001.30187 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30680 | ||
| Adobe | ColdFusion | ColdFusion 2023 versions antérieures à Update 10 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30680 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ColdFusion 2021 versions ant\u00e9rieures \u00e0 Update 16",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 24.003.20112",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 24.003.20112",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2024 versions ant\u00e9rieures \u00e0 24.001.30187",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30680",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "ColdFusion 2023 versions ant\u00e9rieures \u00e0 Update 10",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30680",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-45112",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45112"
},
{
"name": "CVE-2024-41874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41874"
},
{
"name": "CVE-2024-41869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41869"
}
],
"initial_release_date": "2024-09-11T00:00:00",
"last_revision_date": "2024-09-11T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0764",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": "2024-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-70",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-70.html"
},
{
"published_at": "2024-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-71",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html"
}
]
}
CERTFR-2024-AVI-0406
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Elles permettent à un attaquant de provoquer une exécution de code arbitraire et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 24.002.20759 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 24.002.20759 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30635 pour macOS | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30636 pour Windows | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30636 pour Windows | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30635 pour macOS |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 24.002.20759",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 24.002.20759",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30635 pour macOS",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30636 pour Windows",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30636 pour Windows",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30635 pour macOS",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-34094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34094"
},
{
"name": "CVE-2024-34099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34099"
},
{
"name": "CVE-2024-34096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34096"
},
{
"name": "CVE-2024-34098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34098"
},
{
"name": "CVE-2024-30312",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30312"
},
{
"name": "CVE-2024-30310",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30310"
},
{
"name": "CVE-2024-30311",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30311"
},
{
"name": "CVE-2024-30284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30284"
},
{
"name": "CVE-2024-34100",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34100"
},
{
"name": "CVE-2024-34101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34101"
},
{
"name": "CVE-2024-34097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34097"
},
{
"name": "CVE-2024-34095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34095"
}
],
"initial_release_date": "2024-05-15T00:00:00",
"last_revision_date": "2024-05-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0406",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-29 du 14 mai 2024",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
]
}
CERTFR-2024-AVI-0123
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et injection de code indirecte à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Commerce | Adobe Commerce version 2.4.4-x antérieures à 2.4.4-p7 | ||
| Adobe | Magento | Magento Open Source versions 2.4.6-x antérieures à 2.4.6-p4 | ||
| Adobe | Commerce | Adobe Commerce version 2.4.3-x antérieures à 2.4.3-ext-6 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30574 sur Windows et macOS | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30574 sur Windows et macOS | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 23.008.20533 sur Windows et macOS | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 23.008.20533 sur Windows et macOS | ||
| Adobe | Commerce | Adobe Commerce version 2.4.1-x antérieures à 2.4.1-ext-6 | ||
| Adobe | Commerce | Adobe Commerce version 2.4.0-x antérieures à 2.4.0-ext-6 | ||
| Adobe | Commerce | Adobe Commerce version 2.4.5-x antérieures à 2.4.5-p6 | ||
| Adobe | Magento | Magento Open Source versions 2.4.5-x antérieures à 2.4.5-p6 | ||
| Adobe | Commerce | Adobe Commerce version 2.3.7-x antérieures à 2.3.7-p4-ext-6 | ||
| Adobe | Magento | Magento Open Source versions 2.4.4-x antérieures à 2.4.4-p7 | ||
| Adobe | Commerce | Adobe Commerce version 2.4.6-x antérieures à 2.4.6-p4 | ||
| Adobe | Commerce | Adobe Commerce version 2.4.2-x antérieures à 2.4.2-ext-6 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Commerce version 2.4.4-x ant\u00e9rieures \u00e0 2.4.4-p7",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p4",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.3-x ant\u00e9rieures \u00e0 2.4.3-ext-6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30574 sur Windows et macOS",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30574 sur Windows et macOS",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 23.008.20533 sur Windows et macOS",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 23.008.20533 sur Windows et macOS",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.1-x ant\u00e9rieures \u00e0 2.4.1-ext-6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.0-x ant\u00e9rieures \u00e0 2.4.0-ext-6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.5-x ant\u00e9rieures \u00e0 2.4.5-p6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.5-x ant\u00e9rieures \u00e0 2.4.5-p6",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.3.7-x ant\u00e9rieures \u00e0 2.3.7-p4-ext-6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.4-x ant\u00e9rieures \u00e0 2.4.4-p7",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce version 2.4.2-x ant\u00e9rieures \u00e0 2.4.2-ext-6",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20726"
},
{
"name": "CVE-2024-20730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20730"
},
{
"name": "CVE-2024-20718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20718"
},
{
"name": "CVE-2024-20719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20719"
},
{
"name": "CVE-2024-20717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20717"
},
{
"name": "CVE-2024-20736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20736"
},
{
"name": "CVE-2024-20747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20747"
},
{
"name": "CVE-2024-20734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20734"
},
{
"name": "CVE-2024-20720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20720"
},
{
"name": "CVE-2024-20748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20748"
},
{
"name": "CVE-2024-20716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20716"
},
{
"name": "CVE-2024-20735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20735"
},
{
"name": "CVE-2024-20749",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20749"
},
{
"name": "CVE-2024-20728",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20728"
},
{
"name": "CVE-2024-20727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20727"
},
{
"name": "CVE-2024-20733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20733"
},
{
"name": "CVE-2024-20729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20729"
},
{
"name": "CVE-2024-20731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20731"
}
],
"initial_release_date": "2024-02-14T00:00:00",
"last_revision_date": "2024-02-14T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0123",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Adobe\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et injection de code indirecte\n\u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-07 du 13 f\u00e9vrier 2024",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb24-03 du 13 f\u00e9vrier 2024",
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html"
}
]
}
CERTFR-2023-AVI-0939
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 23.006.20380 | ||
| Adobe | N/A | AdobeColdFusion versions 2021 sans le correctif de sécurité Update 12 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30539 | ||
| Adobe | N/A | AdobeColdFusion versions 2023 sans le correctif de sécurité Update 6 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30539 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 23.006.20380 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 23.006.20380",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "AdobeColdFusion versions 2021 sans le correctif de s\u00e9curit\u00e9 Update 12",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30539",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "AdobeColdFusion versions 2023 sans le correctif de s\u00e9curit\u00e9 Update 6",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30539",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 23.006.20380",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-44372",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44372"
},
{
"name": "CVE-2023-44360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44360"
},
{
"name": "CVE-2023-44365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44365"
},
{
"name": "CVE-2023-44353",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44353"
},
{
"name": "CVE-2023-44337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44337"
},
{
"name": "CVE-2023-26347",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26347"
},
{
"name": "CVE-2023-44336",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44336"
},
{
"name": "CVE-2023-44356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44356"
},
{
"name": "CVE-2023-44367",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44367"
},
{
"name": "CVE-2023-44339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44339"
},
{
"name": "CVE-2023-44350",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44350"
},
{
"name": "CVE-2023-44338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44338"
},
{
"name": "CVE-2023-44351",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44351"
},
{
"name": "CVE-2023-44348",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44348"
},
{
"name": "CVE-2023-44352",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44352"
},
{
"name": "CVE-2023-44359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44359"
},
{
"name": "CVE-2023-44355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44355"
},
{
"name": "CVE-2023-44361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44361"
},
{
"name": "CVE-2023-44357",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44357"
},
{
"name": "CVE-2023-44340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44340"
},
{
"name": "CVE-2023-44371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44371"
},
{
"name": "CVE-2023-44358",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44358"
},
{
"name": "CVE-2023-44366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44366"
}
],
"initial_release_date": "2023-11-15T00:00:00",
"last_revision_date": "2023-11-15T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe\u00a0apsb23-54 du 14 novembre 2023",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe\u00a0apsb23-52 du 14 novembre 2023",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html"
}
],
"reference": "CERTFR-2023-AVI-0939",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Adobe\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb23-52 du 14 novembre 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb23-54 du 14 novembre 2023",
"url": null
}
]
}
CERTFR-2023-AVI-0736
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits Adobe. Elle permet à un attaquant de provoquer une exécution de code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat DC | Acrobat DC (Continuous) versions 23.x antérieures à 23.006.20320 | ||
| Adobe | Acrobat | Acrobat 2020 (Classic 2020) versions 20.x antérieures à 20.005.30524 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 (Classic 2020) versions 20.x antérieures à 20.005.30524 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC (Continuous) versions 23.x antérieures à 23.006.20320 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat DC (Continuous) versions 23.x ant\u00e9rieures \u00e0 23.006.20320",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 (Classic 2020) versions 20.x ant\u00e9rieures \u00e0 20.005.30524",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 (Classic 2020) versions 20.x ant\u00e9rieures \u00e0 20.005.30524",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC (Continuous) versions 23.x ant\u00e9rieures \u00e0 23.006.20320",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-26369",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26369"
}
],
"initial_release_date": "2023-09-13T00:00:00",
"last_revision_date": "2023-09-13T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0736",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits Adobe\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb23-34 du 12 septembre 2023",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-34.html"
}
]
}
CERTFR-2023-AVI-0636
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30516.10516 sur macOS | ||
| Adobe | Magento | Magento Open Source versions 2.4.4-x antérieures à 2.4.4-p5 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.6-x antérieures à 2.4.6-p2 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30514.10514 sur Windows | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.2-x antérieures à 2.4.2-ext-4 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.1-x antérieures à 2.4.1-ext-4 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.4-x antérieures à 2.4.4-p5 | ||
| Adobe | Magento | Magento Open Source versions 2.4.5-x antérieures à 2.4.5-p4 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.3-x antérieures à 2.4.3-ext-4 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30516.10516 sur macOS | ||
| Adobe | Magento | Magento Open Source versions 2.4.6-x antérieures à 2.4.6-p2 | ||
| Adobe | Commerce | Adobe Commerce versions 2.3.7-x antérieures à 2.3.7-p4-ext-4 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.5-x antérieures à 2.4.5-p4 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.0-x antérieures à 2.4.0-ext-4 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30514.10514 sur Windows | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 23.003.20269 sur Windows et macOS | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 23.003.20269 sur Windows et macOS |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30516.10516 sur macOS",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.4-x ant\u00e9rieures \u00e0 2.4.4-p5",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p2",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30514.10514 sur Windows",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.2-x ant\u00e9rieures \u00e0 2.4.2-ext-4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.1-x ant\u00e9rieures \u00e0 2.4.1-ext-4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.4-x ant\u00e9rieures \u00e0 2.4.4-p5",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.5-x ant\u00e9rieures \u00e0 2.4.5-p4",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.3-x ant\u00e9rieures \u00e0 2.4.3-ext-4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30516.10516 sur macOS",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.6-x ant\u00e9rieures \u00e0 2.4.6-p2",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.3.7-x ant\u00e9rieures \u00e0 2.3.7-p4-ext-4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.5-x ant\u00e9rieures \u00e0 2.4.5-p4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.0-x ant\u00e9rieures \u00e0 2.4.0-ext-4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30514.10514 sur Windows",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 23.003.20269 sur Windows et macOS",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 23.003.20269 sur Windows et macOS",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-38243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38243"
},
{
"name": "CVE-2023-38207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38207"
},
{
"name": "CVE-2023-38241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38241"
},
{
"name": "CVE-2023-38235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38235"
},
{
"name": "CVE-2023-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38227"
},
{
"name": "CVE-2023-38239",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38239"
},
{
"name": "CVE-2023-29303",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29303"
},
{
"name": "CVE-2023-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38245"
},
{
"name": "CVE-2023-38228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38228"
},
{
"name": "CVE-2023-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38222"
},
{
"name": "CVE-2023-29320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29320"
},
{
"name": "CVE-2023-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38234"
},
{
"name": "CVE-2023-38225",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38225"
},
{
"name": "CVE-2023-38232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38232"
},
{
"name": "CVE-2023-38240",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38240"
},
{
"name": "CVE-2023-38224",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38224"
},
{
"name": "CVE-2023-38230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38230"
},
{
"name": "CVE-2023-38247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38247"
},
{
"name": "CVE-2023-38223",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38223"
},
{
"name": "CVE-2023-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38237"
},
{
"name": "CVE-2023-29299",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29299"
},
{
"name": "CVE-2023-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38226"
},
{
"name": "CVE-2023-38238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38238"
},
{
"name": "CVE-2023-38242",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38242"
},
{
"name": "CVE-2023-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38236"
},
{
"name": "CVE-2023-38246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38246"
},
{
"name": "CVE-2023-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38208"
},
{
"name": "CVE-2023-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38229"
},
{
"name": "CVE-2023-38209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38209"
},
{
"name": "CVE-2023-38244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38244"
},
{
"name": "CVE-2023-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38248"
},
{
"name": "CVE-2023-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38231"
},
{
"name": "CVE-2023-38233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38233"
}
],
"initial_release_date": "2023-08-09T00:00:00",
"last_revision_date": "2023-08-09T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0636",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-08-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb23-42 du 08 ao\u00fbt 2023",
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb23-30 du 08 ao\u00fbt 2023",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
]
}
CERTFR-2022-AVI-920
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | ColdFusion | ColdFusion 2021 versions antérieures à Update 5 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.4x antérieures à 2.4.4-p2 | ||
| Adobe | Magento | Magento Open Source versions 2.4.5x antérieures à 2.4.5-p1 | ||
| Adobe | Magento | Magento Open Source versions 2.4.4x antérieures à 2.4.4-p2 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 22.003.20258 | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 22.003.20258 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30407 | ||
| Adobe | ColdFusion | ColdFusion 2018 versions antérieures à Update 15 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.5x antérieures à 2.4.5-p1 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 versions antérieures à 20.005.30407 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ColdFusion 2021 versions ant\u00e9rieures \u00e0 Update 5",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.4x ant\u00e9rieures \u00e0 2.4.4-p2",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.5x ant\u00e9rieures \u00e0 2.4.5-p1",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.4x ant\u00e9rieures \u00e0 2.4.4-p2",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 22.003.20258",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 22.003.20258",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30407",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "ColdFusion 2018 versions ant\u00e9rieures \u00e0 Update 15",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.5x ant\u00e9rieures \u00e0 2.4.5-p1",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 versions ant\u00e9rieures \u00e0 20.005.30407",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-42342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42342"
},
{
"name": "CVE-2022-42339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42339"
},
{
"name": "CVE-2022-35712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35712"
},
{
"name": "CVE-2022-35711",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35711"
},
{
"name": "CVE-2022-35690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35690"
},
{
"name": "CVE-2022-35689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35689"
},
{
"name": "CVE-2022-35710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35710"
},
{
"name": "CVE-2022-38422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38422"
},
{
"name": "CVE-2022-42340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42340"
},
{
"name": "CVE-2022-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38420"
},
{
"name": "CVE-2022-35691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35691"
},
{
"name": "CVE-2022-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38424"
},
{
"name": "CVE-2022-38423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38423"
},
{
"name": "CVE-2022-38421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38421"
},
{
"name": "CVE-2022-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38449"
},
{
"name": "CVE-2022-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38419"
},
{
"name": "CVE-2022-38437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38437"
},
{
"name": "CVE-2022-35698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35698"
},
{
"name": "CVE-2022-38450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38450"
},
{
"name": "CVE-2022-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38418"
},
{
"name": "CVE-2022-42341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42341"
}
],
"initial_release_date": "2022-10-17T00:00:00",
"last_revision_date": "2022-10-17T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-920",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-44 du 11 octobre 2022",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb22-44.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-48 du 12 octobre 2022",
"url": "https://helpx.adobe.com/security/products/magento/apsb22-48.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-46 du 11 octobre 2022",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
]
}
CERTFR-2022-AVI-726
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat Reader | Acrobat Reader 2017 versions antérieures à 17.012.30262 | ||
| Adobe | Commerce | Adobe Commerce versions 2.3.x antérieures à 2.3.7-p4 | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 22.002.20191 | ||
| Adobe | Magento | Magento Open Source versions 2.3.x antérieures à 2.3.7-p4 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 22.002.20191 | ||
| Adobe | Magento | Magento Open Source versions 2.3.x antérieures à 2.4.3-p3, 2.4.4-p1 ou 2.4.5 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.x antérieures à 2.4.3-p3, 2.4.4-p1 ou 2.4.5 | ||
| Adobe | Acrobat | Acrobat 2017 versions antérieures à 17.012.30262 | ||
| Adobe | Acrobat Reader | Acrobat Reader versions antérieures à 2020 20.005.30381 | ||
| Adobe | Acrobat | Acrobat 2020 versions antérieures à 20.005.30381 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat Reader 2017 versions ant\u00e9rieures \u00e0 17.012.30262",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.3.x ant\u00e9rieures \u00e0 2.3.7-p4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 22.002.20191",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.3.x ant\u00e9rieures \u00e0 2.3.7-p4",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 22.002.20191",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.3.x ant\u00e9rieures \u00e0 2.4.3-p3, 2.4.4-p1 ou 2.4.5",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.x ant\u00e9rieures \u00e0 2.4.3-p3, 2.4.4-p1 ou 2.4.5",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 versions ant\u00e9rieures \u00e0 17.012.30262",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader versions ant\u00e9rieures \u00e0 2020 20.005.30381",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 versions ant\u00e9rieures \u00e0 20.005.30381",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-35667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35667"
},
{
"name": "CVE-2022-34258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34258"
},
{
"name": "CVE-2022-34253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34253"
},
{
"name": "CVE-2022-34256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34256"
},
{
"name": "CVE-2022-34257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34257"
},
{
"name": "CVE-2022-35670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35670"
},
{
"name": "CVE-2022-35678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35678"
},
{
"name": "CVE-2022-35666",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35666"
},
{
"name": "CVE-2022-35671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35671"
},
{
"name": "CVE-2022-34254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34254"
},
{
"name": "CVE-2022-35665",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35665"
},
{
"name": "CVE-2022-34259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34259"
},
{
"name": "CVE-2022-34255",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34255"
},
{
"name": "CVE-2022-35668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35668"
}
],
"initial_release_date": "2022-08-10T00:00:00",
"last_revision_date": "2022-08-10T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-726",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-39 du 09 ao\u00fbt 2022",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-38 du 09 ao\u00fbt 2022",
"url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html"
}
]
}
CERTFR-2022-AVI-333
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat DC | Acrobat DC pour Windows versions antérieures à 22.001.20117 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 pour Mac versions antérieures à 20.005.30331 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 pour Windows versions antérieures à 20.005.30334 | ||
| Adobe | Acrobat | Acrobat 2017 pour Mac versions antérieures à 17.012.30227 | ||
| Adobe | Commerce | Adobe Commerce versions 2.4.x antérieures à 2.4.3-p2, 2.4.4 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC pour Mac versions antérieures à 22.001.20112 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2017 pour Windows versions antérieures à 17.012.30229 | ||
| Adobe | Commerce | Adobe Commerce versions 2.3.x antérieures à 2.3.7-p3 | ||
| Adobe | Magento | Magento Open Source versions 2.4.x antérieures 2.4.3-p2, 2.4.4 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC pour Windows versions antérieures à 22.001.20117 | ||
| Adobe | Acrobat | Acrobat 2020 pour Mac versions antérieures à 20.005.30331 | ||
| Adobe | Magento | Magento Open Source versions 2.3.x antérieures à 2.3.7-p3 | ||
| Adobe | Acrobat | Acrobat 2017 pour Windows versions antérieures à 17.012.30229 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2017 pour Mac versions antérieures à 17.012.30227 | ||
| Adobe | Acrobat | Acrobat 2020 pour Windows versions antérieures à 20.005.30334 | ||
| Adobe | Acrobat DC | Acrobat DC pour Mac versions antérieures à 22.001.20112 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat DC pour Windows versions ant\u00e9rieures \u00e0 22.001.20117",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 pour Mac versions ant\u00e9rieures \u00e0 20.005.30331",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 pour Windows versions ant\u00e9rieures \u00e0 20.005.30334",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 pour Mac versions ant\u00e9rieures \u00e0 17.012.30227",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.4.x ant\u00e9rieures \u00e0 2.4.3-p2, 2.4.4",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC pour Mac versions ant\u00e9rieures \u00e0 22.001.20112",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2017 pour Windows versions ant\u00e9rieures \u00e0 17.012.30229",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Commerce versions 2.3.x ant\u00e9rieures \u00e0 2.3.7-p3",
"product": {
"name": "Commerce",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.4.x ant\u00e9rieures 2.4.3-p2, 2.4.4",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC pour Windows versions ant\u00e9rieures \u00e0 22.001.20117",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 pour Mac versions ant\u00e9rieures \u00e0 20.005.30331",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Magento Open Source versions 2.3.x ant\u00e9rieures \u00e0 2.3.7-p3",
"product": {
"name": "Magento",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 pour Windows versions ant\u00e9rieures \u00e0 17.012.30229",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2017 pour Mac versions ant\u00e9rieures \u00e0 17.012.30227",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 pour Windows versions ant\u00e9rieures \u00e0 20.005.30334",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC pour Mac versions ant\u00e9rieures \u00e0 22.001.20112",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28242"
},
{
"name": "CVE-2022-27798",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27798"
},
{
"name": "CVE-2022-28236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28236"
},
{
"name": "CVE-2022-27791",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27791"
},
{
"name": "CVE-2022-28263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28263"
},
{
"name": "CVE-2022-28269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28269"
},
{
"name": "CVE-2022-28259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28259"
},
{
"name": "CVE-2022-27790",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27790"
},
{
"name": "CVE-2022-28235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28235"
},
{
"name": "CVE-2022-24101",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24101"
},
{
"name": "CVE-2022-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28241"
},
{
"name": "CVE-2022-27787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27787"
},
{
"name": "CVE-2022-28257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28257"
},
{
"name": "CVE-2022-27786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27786"
},
{
"name": "CVE-2022-28248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28248"
},
{
"name": "CVE-2022-28264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28264"
},
{
"name": "CVE-2022-28237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28237"
},
{
"name": "CVE-2022-28249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28249"
},
{
"name": "CVE-2022-28254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28254"
},
{
"name": "CVE-2022-28262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28262"
},
{
"name": "CVE-2022-27800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27800"
},
{
"name": "CVE-2022-27797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27797"
},
{
"name": "CVE-2022-28230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28230"
},
{
"name": "CVE-2022-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27789"
},
{
"name": "CVE-2022-28245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28245"
},
{
"name": "CVE-2022-24104",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24104"
},
{
"name": "CVE-2022-24103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24103"
},
{
"name": "CVE-2022-24093",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24093"
},
{
"name": "CVE-2022-27795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27795"
},
{
"name": "CVE-2022-28238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28238"
},
{
"name": "CVE-2022-27793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27793"
},
{
"name": "CVE-2022-27799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27799"
},
{
"name": "CVE-2022-28260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28260"
},
{
"name": "CVE-2022-28244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28244"
},
{
"name": "CVE-2022-24102",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24102"
},
{
"name": "CVE-2022-28250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28250"
},
{
"name": "CVE-2022-28253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28253"
},
{
"name": "CVE-2022-28265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28265"
},
{
"name": "CVE-2022-28239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28239"
},
{
"name": "CVE-2022-28243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28243"
},
{
"name": "CVE-2022-28255",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28255"
},
{
"name": "CVE-2022-28246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28246"
},
{
"name": "CVE-2022-28252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28252"
},
{
"name": "CVE-2022-28267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28267"
},
{
"name": "CVE-2022-28261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28261"
},
{
"name": "CVE-2022-28231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28231"
},
{
"name": "CVE-2022-28232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28232"
},
{
"name": "CVE-2022-28266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28266"
},
{
"name": "CVE-2022-28247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28247"
},
{
"name": "CVE-2022-28251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28251"
},
{
"name": "CVE-2022-27802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27802"
},
{
"name": "CVE-2022-27801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27801"
},
{
"name": "CVE-2022-27785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27785"
},
{
"name": "CVE-2022-28240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28240"
},
{
"name": "CVE-2022-28256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28256"
},
{
"name": "CVE-2022-27796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27796"
},
{
"name": "CVE-2022-28268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28268"
},
{
"name": "CVE-2022-27792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27792"
},
{
"name": "CVE-2022-28258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28258"
},
{
"name": "CVE-2022-28233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28233"
},
{
"name": "CVE-2022-27788",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27788"
},
{
"name": "CVE-2022-27794",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27794"
},
{
"name": "CVE-2022-28234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28234"
}
],
"initial_release_date": "2022-04-13T00:00:00",
"last_revision_date": "2022-04-13T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-333",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-16 du 12 avril 2022",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb22-13 du 12 avril 2022",
"url": "https://helpx.adobe.com/security/products/magento/apsb22-13.html"
}
]
}
CERTFR-2021-AVI-765
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat Reader | Acrobat Reader 2020 version 20.004.30015 et antérieures | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC (pour Windows) version 21.007.20095 et antérieures | ||
| Adobe | Acrobat Reader | Acrobat Reader 2017 version 17.011.30202 et antérieures | ||
| Adobe | Acrobat DC | Acrobat DC (pour macOS) version 21.007.20096 et antérieures | ||
| Adobe | Acrobat DC | Acrobat DC (pour Windows) version 21.007.20095 et antérieures | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC (pour macOS) version 21.007.20096 et antérieures | ||
| Adobe | Acrobat | Acrobat 2017 version 17.011.30202 et antérieures | ||
| Adobe | Acrobat | Acrobat 2020 version 20.004.30015 et antérieures |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Acrobat Reader 2020 version 20.004.30015 et ant\u00e9rieures",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC (pour Windows) version 21.007.20095 et ant\u00e9rieures",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2017 version 17.011.30202 et ant\u00e9rieures",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC (pour macOS) version 21.007.20096 et ant\u00e9rieures",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC (pour Windows) version 21.007.20095 et ant\u00e9rieures",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC (pour macOS) version 21.007.20096 et ant\u00e9rieures",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 version 17.011.30202 et ant\u00e9rieures",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 version 20.004.30015 et ant\u00e9rieures",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"initial_release_date": "2021-10-11T00:00:00",
"last_revision_date": "2021-10-11T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-765",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-10-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb21-104 du 08 octobre 2021",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
]
}
CERTFR-2021-AVI-704
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | ColdFusion | ColdFusion 2021 versions antérieures à la version 2 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2020 Classic 2020 versions antérieures à 2020.004.30015 | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC versions antérieures à 2021.007.20091 | ||
| Adobe | ColdFusion | ColdFusion 2018 versions antérieures à la version 12 | ||
| Adobe | Acrobat | Acrobat 2017 Classic 2017 versions antérieures à 2017.011.30202 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2017 Classic 2017 versions antérieures à 2017.011.30202 | ||
| Adobe | Acrobat DC | Acrobat DC versions antérieures à 2021.007.20091 | ||
| Adobe | Acrobat | Acrobat 2020 Classic 2020 versions antérieures à 2020.004.30015 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ColdFusion 2021 versions ant\u00e9rieures \u00e0 la version 2",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2020 Classic 2020 versions ant\u00e9rieures \u00e0 2020.004.30015",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC versions ant\u00e9rieures \u00e0 2021.007.20091",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "ColdFusion 2018 versions ant\u00e9rieures \u00e0 la version 12",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 Classic 2017 versions ant\u00e9rieures \u00e0 2017.011.30202",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2017 Classic 2017 versions ant\u00e9rieures \u00e0 2017.011.30202",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC versions ant\u00e9rieures \u00e0 2021.007.20091",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2020 Classic 2020 versions ant\u00e9rieures \u00e0 2020.004.30015",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39852"
},
{
"name": "CVE-2021-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39839"
},
{
"name": "CVE-2021-39838",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39838"
},
{
"name": "CVE-2021-35982",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35982"
},
{
"name": "CVE-2021-39859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39859"
},
{
"name": "CVE-2021-39863",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39863"
},
{
"name": "CVE-2021-39850",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39850"
},
{
"name": "CVE-2021-39845",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39845"
},
{
"name": "CVE-2021-39855",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39855"
},
{
"name": "CVE-2021-39840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39840"
},
{
"name": "CVE-2021-39837",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39837"
},
{
"name": "CVE-2021-40699",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40699"
},
{
"name": "CVE-2021-39843",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39843"
},
{
"name": "CVE-2021-40698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40698"
},
{
"name": "CVE-2021-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39853"
},
{
"name": "CVE-2021-39844",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39844"
},
{
"name": "CVE-2021-39856",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39856"
},
{
"name": "CVE-2021-39849",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39849"
},
{
"name": "CVE-2021-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39846"
},
{
"name": "CVE-2021-39857",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39857"
},
{
"name": "CVE-2021-39858",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39858"
},
{
"name": "CVE-2021-39861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39861"
},
{
"name": "CVE-2021-39841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39841"
},
{
"name": "CVE-2021-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39842"
},
{
"name": "CVE-2021-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39860"
},
{
"name": "CVE-2021-39836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39836"
},
{
"name": "CVE-2021-39854",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39854"
},
{
"name": "CVE-2021-39851",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39851"
}
],
"initial_release_date": "2021-09-15T00:00:00",
"last_revision_date": "2021-09-15T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-704",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-09-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb21-75 du 14 septembre 2021",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb21-55 du 14 septembre 2021",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
}
CERTFR-2018-AVI-389
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Adobe. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | N/A | Adobe Flash Player pour Google Chrome versions 30.0.0.134 et antérieures sur Windows, macOS, Linux et Chrome OS | ||
| Adobe | Acrobat | Acrobat 2017 Classic 2017 versions 2017.011.30096 et antérieures sur Windows et macOS | ||
| Adobe | N/A | Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions 30.0.0.134 et antérieures sur Windows 10 et 8.1 | ||
| Adobe | Acrobat Reader | Acrobat Reader 2017 Classic 2017 versions 2017.011.30096 et antérieures sur Windows et macOS | ||
| Adobe | Acrobat DC | Acrobat DC Continuous versions 2018.011.20055 et antérieures sur Windows et macOS | ||
| Adobe | Acrobat DC | Acrobat DC Classic 2015 versions 2015.006.30434 et antérieures sur Windows et macOS | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC Classic 2015 2015.006.30434 et antérieures sur Windows et macOS | ||
| Adobe | N/A | Adobe Flash Player Desktop Runtime versions 30.0.0.134 et antérieures sur Windows, macOS et Linux | ||
| Adobe | Acrobat Reader DC | Acrobat Reader DC Continuous versions 2018.011.20055 et antérieures sur Windows et macOS |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Flash Player pour Google Chrome versions 30.0.0.134 et ant\u00e9rieures sur Windows, macOS, Linux et Chrome OS",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat 2017 Classic 2017 versions 2017.011.30096 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player pour Microsoft Edge et Internet Explorer 11 versions 30.0.0.134 et ant\u00e9rieures sur Windows 10 et 8.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader 2017 Classic 2017 versions 2017.011.30096 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat Reader",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC Continuous versions 2018.011.20055 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat DC Classic 2015 versions 2015.006.30434 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC Classic 2015 2015.006.30434 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player Desktop Runtime versions 30.0.0.134 et ant\u00e9rieures sur Windows, macOS et Linux",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Acrobat Reader DC Continuous versions 2018.011.20055 et ant\u00e9rieures sur Windows et macOS",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-12825",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12825"
},
{
"name": "CVE-2018-12808",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12808"
},
{
"name": "CVE-2018-12826",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12826"
},
{
"name": "CVE-2018-12799",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12799"
},
{
"name": "CVE-2018-12827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12827"
},
{
"name": "CVE-2018-12828",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12828"
},
{
"name": "CVE-2018-12824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12824"
}
],
"initial_release_date": "2018-08-16T00:00:00",
"last_revision_date": "2018-08-16T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-389",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Adobe.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB18-25 du 14 ao\u00fbt 2018",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb18-25.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB18-29 du 14 ao\u00fbt 2018",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-29.html"
}
]
}
CERTFR-2016-AVI-085
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Adobe. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | N/A | Adobe Reader XI versions antérieures à 11.0.15 pour Windows et Macintosh | ||
| Adobe | N/A | Adobe Digital Editions versions antérieures à 4.5.1 pour Windows, Macintosh, iOS et Android | ||
| Adobe | Acrobat DC | Adobe Acrobat DC versions antérieures à 15.010.20060 pour Windows et Macintosh | ||
| Adobe | Acrobat | Adobe Acrobat XI versions antérieures à 11.0.15 pour Windows et Macintosh | ||
| Adobe | Acrobat DC | Adobe Acrobat DC (Classic) versions antérieures à 15.06.30121 pour Windows et Macintosh | ||
| Adobe | Acrobat Reader DC | Adobe Acrobat Reader DC (Classic) versions antérieures à 15.06.30121 pour Windows et Macintosh | ||
| Adobe | Acrobat Reader DC | Adobe Acrobat Reader DC versions antérieures à 15.010.20060 pour Windows et Macintosh |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader XI versions ant\u00e9rieures \u00e0 11.0.15 pour Windows et Macintosh",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Digital Editions versions ant\u00e9rieures \u00e0 4.5.1 pour Windows, Macintosh, iOS et Android",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat DC versions ant\u00e9rieures \u00e0 15.010.20060 pour Windows et Macintosh",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat XI versions ant\u00e9rieures \u00e0 11.0.15 pour Windows et Macintosh",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat DC (Classic) versions ant\u00e9rieures \u00e0 15.06.30121 pour Windows et Macintosh",
"product": {
"name": "Acrobat DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat Reader DC (Classic) versions ant\u00e9rieures \u00e0 15.06.30121 pour Windows et Macintosh",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat Reader DC versions ant\u00e9rieures \u00e0 15.010.20060 pour Windows et Macintosh",
"product": {
"name": "Acrobat Reader DC",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1009"
},
{
"name": "CVE-2016-0954",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0954"
},
{
"name": "CVE-2016-1007",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1007"
},
{
"name": "CVE-2016-1008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1008"
}
],
"initial_release_date": "2016-03-08T00:00:00",
"last_revision_date": "2016-03-08T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-085",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Adobe\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Adobe",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb16-06 du 08 mars 2016",
"url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb16-09 du 08 mars 2016",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
}
]
}