Adobe has released a security update for Adobe Bridge CC. This update addresses a vulnerability rated important that occurs when parsing malformed SVG images. This can result in an out-of-bounds memory read which leads to information (memory address) disclosure in the context of current user.
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:
|Adobe Bridge CC||9.1||Windows and macOS||3||Download Page|
|Vulnerability Category||Vulnerability Impact||Severity||CVE Number|
|Out-of-Bounds Read||Information Disclosure||Important||CVE-2019-7963|
Adobe would like to thank Francis Provencher (via Trend Micro’s Zero Day Initiative) for reporting this issue and for working with Adobe to help protect our customers.