Bulletin ID
Last updated on
May 16, 2021
|
Also applies to Digital Editions
Security Updates Available for Adobe Framemaker | APSB20-32
|
|
Date Published |
Priority |
|---|---|---|
|
APSB20-32 |
June 09, 2020 |
3 |
Summary
Adobe has released a security update for Adobe Framemaker. This update addresses multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Framemaker |
2019.0.5 and below |
Windows |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
|
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
|
Adobe Framemaker |
2019.0.6 |
Windows |
3 |
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
|---|---|---|---|
|
Memory Corruption |
Arbitrary code execution |
Critical |
CVE-2020-9636 |
|
Out-of-Bounds Write |
Arbitrary code execution |
Critical |
CVE-2020-9634 CVE-2020-9635 |
Acknowledgments
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
- Honggang Ren of Fortinet's FortiGuard Labs (CVE-2020-9636)
- Francis Provencher working with Trend Micro's Zero Day Initiative (CVE-2020-9634, CVE-2020-9635)
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online