Product
Last updated on
27 Des 2022
Security update available for Adobe XMP Toolkit for Java
Release date: July 12, 2016
Vulnerability identifier: APSB16-24
Priority: 3
CVE number: CVE-2016-4216
Platform: All
Summary
Adobe has released a security update for the Adobe XMP Toolkit for Java. This update resolves an important vulnerability that could lead to information disclosure (CVE-2016-4216). Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.
Affected software versions
|
|
Affected Version |
Platform |
|
Adobe XMP Tooklit for Java |
5.1.2 and earlier versions |
All |
Solution
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version by following the instructions below:
|
Product |
Updated version |
Platform |
Availability |
|
|
Adobe XMP Toolkit for Java |
5.1.3 |
All |
3 |
Adobe XMP toolkit for Java users can download the updated version via the following download page: http://www.adobe.com/devnet/xmp.html. Adobe expects the updated version to be available during the week of July 11, 2016.
Vulnerability Details
This update resolves an issue associated with the parsing of crafted XML external entities in XMPCore that could lead to information disclosure (CVE-2016-4216).
Acknowledgments
Adobe would like to thank Tim Allison of the MITRE corporation for reporting this issue (CVE-2016-4216) and for working with Adobe to help protect our customers.
