Passa ai contenuti principali

Cerca nel blog

alerts.gdaverio.it

alerts.gdaverio.it

Alert GCSA-24129 - Adobe Monthly Security Update - Ottobre 2024

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

******************************************************************

Alert ID: GCSA-24129
Data: 9 Ottobre 2024
Titolo: Adobe Monthly Security Update - Ottobre 2024

******************************************************************

:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve vulnerabilita' multiple, di cui una digravita' "critica"
e 29 di gravita' "alta".

APSB24-52 : Security update available for Adobe Substance 3D Painter
APSB24-73 : Security update available for Adobe Commerce
APSB24-74 : Security update available for Adobe Dimension
APSB24-76 : Security update available for Adobe Animate
APSB24-78 : Security update available for Adobe Lightroom
APSB24-79 : Security update available for Adobe InCopy
APSB24-80 : Security update available for Adobe InDesign
APSB24-81 : Security update available for Adobe Substance 3D Stager
APSB24-82 : Security update available for Adobe FrameMaker

Maggiori informazioni sono disponibili alla sezione "Riferimenti".

:: Software interessato

Adobe Substance 3D Painter 10.0.1 e precedenti
Adobe Commerce 2.4.7-p2 e precedenti
Adobe Commerce 2.4.6-p7 e precedenti
Adobe Commerce 2.4.5-p9 e precedenti
Adobe Commerce 2.4.4-p10 e precedenti
Adobe Commerce B2B 1.4.2-p2 e precedenti
Adobe Commerce B2B 1.3.5-p7 e precedenti
Adobe Commerce B2B 1.3.4-p9 e precedenti
Adobe Commerce B2B 1.3.3-p10 e precedenti
Magento Open Source 2.4.7-p2 e precedenti
Magento Open Source 2.4.6-p7 e precedenti
Magento Open Source 2.4.5-p9 e precedenti
Magento Open Source 2.4.4-p10 e precedenti
Adobe Dimension 4.0.3 e precedenti
Adobe Animate 2023 23.0.7 e precedenti
Adobe Animate 2024 24.0.4 e precedenti
Lightroom 7.4.1 e precedenti
Lightroom Classic 13.5 e precedenti
Lightroom Classic (LTS) 12.5.1 e precedenti
Adobe InCopy 19.4 e precedenti
Adobe InCopy 18.5.3 e precedenti
Adobe InDesign ID19.4 and earlier version
Adobe InDesign ID18.5.3 and earlier version
Adobe Substance 3D Stager 3.0.3 e precedenti
Adobe FrameMaker 2020 Release Update 6 e precedenti
Adobe FrameMaker 2022 Release Update 4 e precedenti

:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Security Feature Bypass (SFB)
Privilege Escalation (PE)

:: Soluzioni

Aggiornare i prodotti software alle versioni piu' recenti.

:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html
https://helpx.adobe.com/security/products/magento/apsb24-73.html
https://helpx.adobe.com/security/products/dimension/apsb24-74.html
https://helpx.adobe.com/security/products/animate/apsb24-76.html
https://helpx.adobe.com/security/products/incopy/apsb24-79.html
https://helpx.adobe.com/security/products/indesign/apsb24-80.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

CSIRT Italia
https://www.csirt.gov.it/contenuti/adobe-rilascia-aggiornamenti-per-sanare-molteplici-vulnerabilita-al03-241009-csirt-ita

CISA
https://www.cisa.gov/news-events/alerts/2024/10/08/adobe-releases-security-updates-multiple-products

CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-adobe-products-could-allow-for-arbitrary-code-execution_2024-112

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20787
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45128
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45132
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45139
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45141
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45142
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45143
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45145
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45148
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45149
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45150
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45152
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47425

GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZwZwJwAKCRDBnEyTZRJg
QjmtAJ9E8OqxfCM9RkkuKA9Cs8QLPsrsKACfemepeB3p2ahIKqCZqe17gxW5U6w=
=qX9d
-----END PGP SIGNATURE-----

adobe

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

Gianandrea Daverio
Cyber Security Professional

HOME PAGE
ABOUT MYSELF
CYBERSECURITY
GARAGE STUFFS
PRESS ROOM
BLOG
CONTACT

© Copyright 2023 | All rights reserved | Gianandrea Daverio | Privacy

LAST MONTH VISITORS

Powered by Blogger

ABOUT MYSELF

ARCHIVIO BLOG

.

ott 20249
set 202414
ago 20247
lug 202414
giu 202411
mag 202415
apr 202411
mar 202419
feb 202417
gen 202415

Mostra di più Mostra di meno

COVERED TOPICS

.

chrome
microsoft
mozilla
apple
microsoft edge
adobe
gitlab
apache
oracle
drupal

bind
moodle
fortinet
openssl
joomla
qnap
magento
wordpress
samba
microsoft 365
atlassian
cisco
zoom
exim
openssh
anydesk
docker
kubernetes
owncloud
paloalto
php
sonicwall
vmware

Mostra di più Mostra di meno