Adobe Security Bulletin

On this page

Summary
Affected product versions
Solution
Vulnerability details
Acknowledgments
Revisions

Applies to: Captivate

某些 Creative Cloud 应用程序、服务和功能在中国不可用。

Security updates available for Adobe Captivate | APSB17-19

Bulletin ID	Date Published	Last Updated	Priority
APSB17-19	June 13, 2017	June 19, 2017	3

Adobe has released security updates for Adobe Captivate for Windows and Macintosh. These updates resolve a critical input validation vulnerability (CVE-2017-3098) in the quiz reporting feature that could be abused to read and write arbitrary files to the server, potentially resulting in remote code execution. These updates also resolve an important information disclosure vulnerability (CVE-2017-3087), also in the quiz reporting feature.

Product	Version	Platform
Adobe Captivate	9 and earlier	Windows and Macintosh

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product	Version	Platform	Priority	Availability
Adobe Captivate 2017	10.0.0.192	Windows and Macintosh	3	Release note
Adobe Captivate 8 and 9	Hotfix	Windows and Macintosh	3	Tech note

Vulnerability Category	Vulnerability Impact	Severity	CVE Number
Improper Input Validation	Information disclosure	Important	CVE-2017-3087
Improper Input Validation	Remote code execution	Critical	CVE-2017-3098

Adobe would like to thank Tomas Rzepka for reporting this issue and for working with Adobe to help protect our customers.

June 19, 2017: Modified the summary section and added reference to CVE-2017-3098, which was inadvertently omitted from the bulletin.

Adobe Security Bulletin

Summary

Affected product versions

Solution

Vulnerability details

Acknowledgments

Revisions

Ask the Community

Contact Us