Bulletin ID
Last updated on
16 May 2021
|
Also applies to Digital Editions
Security Updates Available for Adobe Media Encoder | APSB19-29
|
|
Date Published |
Priority |
|---|---|---|
|
APSB19-29 |
May 14, 2019 |
3 |
Summary
Adobe has released an update for Adobe Media Encoder. This update resolves a critical file parsing vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
|
Product |
Version |
Platform |
|---|---|---|
|
Adobe Media Encoder |
13.0.2 |
Windows and macOS |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Adobe recommends updating via the Creative Cloud desktop app’s update mechanism. For more information, please reference this help page.
|
Product |
Version |
Platform |
Priority |
|---|---|---|---|
|
Adobe Media Encoder |
13.1 |
Windows and macOS |
3 |
For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information.
Vulnerability details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
|---|---|---|---|
|
Use-After-Free |
Remote Code Execution |
Critical |
CVE-2019-7842 |
|
Out-of-bounds Read |
Information Disclosure |
Important |
CVE-2019-7844 |
Acknowledgments
Adobe would like to thank Mat Powell of Trend Micro Zero Day Initiative for reporting these issues and for working with Adobe to help protect our customers.