Adobe Security Bulletin

Security Updates Available for Adobe Bridge CC | APSB19-25

Bulletin ID

Date Published

Priority

APSB19-25

April 09, 2019

2

Summary

Adobe has released security updates for Adobe Bridge CC. These updates address critical findings that could result in remote code execution in the context of the current user.

Affected Versions

Product

Version

Platform

Adobe Bridge CC

9.0.2

Windows and macOS

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:

Product

Version

Platform

Priority

Availability

Adobe Bridge CC

9.0.3

Windows and macOS

2

Vulnerability details

Vulnerability Category

Vulnerability Impact

Severity

CVE Numbers

Heap Overflow

Remote Code Execution

Critical

CVE-2019-7130

Out-of-Bounds Write

Remote Code Execution

Critical

CVE-2019-7132

Out-of-Bounds Read

Information Disclosure

Important

CVE-2019-7133

CVE-2019-7134

CVE-2019-7135

CVE-2019-7138

Use After Free

Information Disclosure

Important

CVE-2019-7136

Memory Corruption

Information Disclosure

Important

CVE-2019-7137 

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

  • Francis Provencher working with Trend Micro Zero Day Initiative (CVE-2019-7130, CVE-2019-7134, CVE-2019-7135, CVE-2019-7136, CVE-2019-7137, CVE-2019-7138)

  • Mat Powell of Trend Micro Zero Day Initiative (CVE-2019-7132, CVE-2019-7133)

 Adobe

Get help faster and easier

New user?