Adobe Security Bulletin

Security update available for the Adobe DNG Software Development Kit (SDK)

Release date: June 14, 2016

Vulnerability identifier: APSB16-19

Priority: 3

CVE number: CVE-2016-4167

Platform: Windows and Macintosh

Summary

Adobe has released a security update for the Adobe DNG Software Development Kit (SDK) for Windows and Macintosh.  This update resolves a memory corruption vulnerability. 

Affected software versions

Product Affected version Platform
Adobe DNG Software Development Kit (SDK)
1.4 (2012 release) and earlier versions Windows and Macintosh

Solution

Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:

Product Updated version Platform Priority rating Availability
Adobe DNG Software Development Kit (SDK) 1.4 (2016 release)
Windows and Macintosh 3 Download page

Adobe DNG Software Development Kit (SDK) users can download the updated version via the following download page (https://www.adobe.com/support/downloads/dng/dng_sdk.html). To confirm the installed version is the latest available, users can verify that the included ReadMe.txt file has a creation date of Thursday, ‎May ‎5, ‎2016.

Vulnerability Details

This update resolves a memory corruption vulnerability (CVE-2016-4167).

Acknowledgments

Adobe would like to thank Kinan Hakim of Google for reporting this issue and for working with Adobe to help protect our customers.