Adobe has released a security update for Adobe Digital Editions. This update resolves an out-of-bounds read vulnerability (CVE-2018-4925) rated Important, and a stack overflow vulnerability (CVE-2018-4926) caused by unsafe processing of specially crafted epub files.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
|Vulnerability Category||Vulnerability Impact||Severity||CVE Numbers|
|Out-of-bounds read||Information Disclosure||Important||CVE-2018-4925|
|Stack Overflow||Information Disclosure||Important||CVE-2018-4926|
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
- Steven (mr_me) Seeley of Source Incite (CVE-2018-4925)
- Phil Blankenship of Cerberus Security (CVE-2018-4926)