Bulletin ID
Security updates available for Adobe Digital Editions | APSB17-39
Bulletin ID |
Date Published |
Priority |
---|---|---|
APSB17-39 |
November 14, 2017 |
3 |
Adobe has released a security update for Adobe Digital Editions for Windows, Macintosh, iOS, and Android. This update addresses an XML external entity processing vulnerability rated critical that could lead to information disclosure, out-of-bounds read vulnerabilities that could lead to the disclosure of memory addresses and a memory corruption vulnerability that could lead to the disclosure of memory addresses.
Product |
Version |
Platform |
---|---|---|
Adobe Digital Editions |
4.5.6 and earlier versions |
Windows, Macintosh, iOS and Android |
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product | Version | Platform | Priority | Availability |
---|---|---|---|---|
Adobe Digital Editions | 4.5.7 | Windows | 3 | Download Page |
Macintosh | 3 | Download Page | ||
iOS | 3 | iTunes | ||
Android | 3 | Playstore |
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Numbers |
---|---|---|---|
Unsafe parsing of XML External Entities |
Information Disclosure |
Critical |
CVE-2017-11273 |
Out-of-bounds read |
Memory address disclosure |
Important |
CVE-2017-11297 |
Out-of-bounds read |
Memory address disclosure |
Important |
CVE-2017-11298 |
Out-of-bounds read |
Memory address disclosure |
Important |
CVE-2017-11299 |
Out-of-bounds read |
Memory address disclosure |
Important |
CVE-2017-11300 |
Memory Corruption |
Memory address disclosure |
Important |
CVE-2017-11301 |
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
Logige oma kontole sisse