Alert GCSA-24147 - Adobe Monthly Security Update - Novembre 2024
******************************************************************
Alert ID: GCSA-24147
Data: 13 Novembre 2024
Titolo: Adobe Monthly Security Update - Novembre 2024
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve vulnerabilita' multiple:
APSB24-77: Security Updates Available for Adobe Bridge
APSB24-83: Security Updates Available for Adobe Audition
APSB24-85: Security Updates Available for Adobe After Effects
APSB24-86: Security updates available for Substance 3D Painter
APSB24-87: Security Updates Available for Adobe Illustrator
APSB24-88: Security Update Available for Adobe InDesign
APSB24-89: Security update available for Adobe Photoshop
APSB24-90: Security update available for Adobe Commerce
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Bridge 13.0.9 e versioni precedenti
Adobe Bridge 14.1.2 e versioni precedenti
Adobe Audition 24.4.6 e versioni precedenti
Adobe Audition 23.6.9 e versioni precedenti
Adobe After Effects 24.6.2 e versioni precedenti
Adobe After Effects 23.6.9 e versioni precedenti
Adobe Substance 3D Painter 10.1.0 e versioni precedenti
Illustrator 2024 28.7.1 e versioni precedenti
Adobe InDesign ID19.5 e versioni precedenti
Adobe InDesign ID18.5.3 e versioni precedenti
Adobe InDesign ID18.5.2 e versioni precedenti
Photoshop 2023 24.7.3 e versioni precedenti
Photoshop 2024 25.11 e versioni precedenti
Adobe Commerce and Magento Open Source powered by Commerce Services and deployed as SaaS. (Commerce Services Connector) 3.2.5 e versioni precedenti
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Denial of Service (DoS)
:: Soluzioni
Aggiornare i prodotti software alle versioni piu' recenti.
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/bridge/apsb24-77.html
https://helpx.adobe.com/security/products/audition/apsb24-83.html
https://helpx.adobe.com/security/products/after_effects/apsb24-85.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html
https://helpx.adobe.com/security/products/illustrator/apsb24-87.html
https://helpx.adobe.com/security/products/indesign/apsb24-88.html
https://helpx.adobe.com/security/products/photoshop/apsb24-89.html
https://helpx.adobe.com/security/products/magento/apsb24-90.html
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZzR0Og0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCmNwAoLUkyDpYSNdfA7jArseagvT3Cx23AKCwGvDfYtNd
KtrDZ5ItTTfFLZyoSw==
=OQl9
-----END PGP SIGNATURE-----
Alert ID: GCSA-24147
Data: 13 Novembre 2024
Titolo: Adobe Monthly Security Update - Novembre 2024
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve vulnerabilita' multiple:
APSB24-77: Security Updates Available for Adobe Bridge
APSB24-83: Security Updates Available for Adobe Audition
APSB24-85: Security Updates Available for Adobe After Effects
APSB24-86: Security updates available for Substance 3D Painter
APSB24-87: Security Updates Available for Adobe Illustrator
APSB24-88: Security Update Available for Adobe InDesign
APSB24-89: Security update available for Adobe Photoshop
APSB24-90: Security update available for Adobe Commerce
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Bridge 13.0.9 e versioni precedenti
Adobe Bridge 14.1.2 e versioni precedenti
Adobe Audition 24.4.6 e versioni precedenti
Adobe Audition 23.6.9 e versioni precedenti
Adobe After Effects 24.6.2 e versioni precedenti
Adobe After Effects 23.6.9 e versioni precedenti
Adobe Substance 3D Painter 10.1.0 e versioni precedenti
Illustrator 2024 28.7.1 e versioni precedenti
Adobe InDesign ID19.5 e versioni precedenti
Adobe InDesign ID18.5.3 e versioni precedenti
Adobe InDesign ID18.5.2 e versioni precedenti
Photoshop 2023 24.7.3 e versioni precedenti
Photoshop 2024 25.11 e versioni precedenti
Adobe Commerce and Magento Open Source powered by Commerce Services and deployed as SaaS. (Commerce Services Connector) 3.2.5 e versioni precedenti
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Denial of Service (DoS)
:: Soluzioni
Aggiornare i prodotti software alle versioni piu' recenti.
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/bridge/apsb24-77.html
https://helpx.adobe.com/security/products/audition/apsb24-83.html
https://helpx.adobe.com/security/products/after_effects/apsb24-85.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html
https://helpx.adobe.com/security/products/illustrator/apsb24-87.html
https://helpx.adobe.com/security/products/indesign/apsb24-88.html
https://helpx.adobe.com/security/products/photoshop/apsb24-89.html
https://helpx.adobe.com/security/products/magento/apsb24-90.html
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZzR0Og0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCmNwAoLUkyDpYSNdfA7jArseagvT3Cx23AKCwGvDfYtNd
KtrDZ5ItTTfFLZyoSw==
=OQl9
-----END PGP SIGNATURE-----