Bulletin ID
Last updated on
16 May 2021
|
Also applies to Digital Editions
Security Updates Available for Adobe Framemaker | APSB20-04
|
|
Date Published |
Priority |
|---|---|---|
|
APSB20-04 |
February 11, 2020 |
3 |
Summary
Adobe has released a security update for Adobe Framemaker. This update addresses multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Framemaker |
2019.0.4 and below |
Windows |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
|
Product |
Version |
Platform |
Priority |
Availability |
|---|---|---|---|---|
|
Adobe Framemaker |
2019.0.5 |
Windows |
3 |
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
|---|---|---|---|
|
Buffer Error |
Arbitrary code execution |
Critical |
CVE-2020-3734 |
|
Heap Overflow |
Arbitrary code execution |
Critical |
CVE-2020-3731 CVE-2020-3735 |
|
Memory Corruption |
Arbitrary code execution |
Critical |
CVE-2020-3739 CVE-2020-3740 |
|
Out-of-Bounds Write |
Arbitrary code execution |
Critical |
CVE-2020-3720 CVE-2020-3721 CVE-2020-3722 CVE-2020-3723 CVE-2020-3724 CVE-2020-3725 CVE-2020-3726 CVE-2020-3727 CVE-2020-3728 CVE-2020-3729 CVE-2020-3730 CVE-2020-3732 CVE-2020-3733 CVE-2020-3736 CVE-2020-3737 CVE-2020-3738 |
Acknowledgments
Adobe would like to thank Kdot working with Trend Micro Zero Day for reporting this issue and for working with Adobe to help protect our customers.
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online
Adobe MAX
The Creativity Conference
Oct 14–16 Miami Beach and online