Bulletin ID
Security Updates Available for Adobe Framemaker | APSB21-45
|
Date Published |
Priority |
---|---|---|
APSB21-45 |
July 13, 2021 |
3 |
Summary
Adobe has released a security update for Adobe Framemaker. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Versions
Product |
Version |
Platform |
---|---|---|
Adobe Framemaker |
2019 Update 8 and earlier |
Windows |
Adobe Framemaker |
2020 Release Update 1 and earlier |
Windows |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
Adobe Framemaker |
2019 Release Update 8 |
Windows |
3 |
|
Adobe Framemaker |
2020 Release Update 2 |
Windows |
3 |
Vulnerability details
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Out-of-bounds Write (CWE-787) |
Arbitrary code execution |
Critical |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-28596 |
Acknowledgments
Adobe would like to thank Tran Van Khang - khangkito (VinCSS) working with Trend Micro Zero Day Initiative for reporting the relevant issues and for working with Adobe to help protect our customers.
For more information, visit https://helpx.adobe.com/security.html , or email PSIRT@adobe.com