Adobe Security Bulletin
Security update available for Adobe Dreamweaver | APSB19-40
Bulletin ID Date Published Priority
APSB19-40 July 09, 2019 3

Summary

Adobe has released a security update for the Adobe Dreamweaver direct download windows installer.  This update resolves an insecure library loading vulnerability in the installer rated important that could lead to privilege escalation.

Affected Versions

Product Affected Versions Platform
Adobe Dreamweaver direct download installer 19.0 and below Windows
18.0 and below Windows

Solution


Adobe categorizes this update with the following priority rating and recommends users to use latest builds for new installation.

Product Updated Version Platform Priority rating Availability
Adobe Dreamweaver direct download installer 2019 Release Windows 3 Download Page
2018 Release Windows 3 Download Page

Note:

Note: This vulnerability exclusively impacts the installer used with the Adobe Dreamweaver CS6 build previously available via direct downloads. CVE-2019-7956 does not impact CC 2019 or CC 2018 builds, and there is no action for customers running these versions.

Vulnerability Details

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading (DLL hijacking)  Privilege Escalation  Important CVE-2019-7956

Acknowledgements

Adobe would like to thank Honc (章哲瑜) for reporting this issue and for working with Adobe to help protect our customers.