Product
Security update available for Adobe Digital Editions
Release date: January 22, 2014
Vulnerability identifier: APSB14-03
Priority: See table below
CVE number: CVE-2014-0494
Platform: Windows and Macintosh
Summary
Adobe has released a security update for Adobe Digital Editions for Windows and Macintosh. This update addresses a vulnerability in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.
Adobe recommends users update their product installation using the instructions provided in the solution section below.
Affected software versions
Adobe Digital Editions version 2.0.1 for Windows and Macintosh.
Solution
Adobe recommends users update their product by downloading the installer from http://www.adobe.com/products/digital-editions/download.html and following the instructions provided in the installation dialogue.
Priority and severity ratings
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version:
|
Updated version |
Platform |
Priority rating |
Adobe Digital Editions |
3.0 |
Windows & Macintosh |
3 |
These updates address critical vulnerabilities in the software.
Details
Adobe has released a security update for Adobe Digital Editions for Windows and Macintosh. This update addresses a vulnerability in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.
Adobe recommends users update their product installation using the instructions provided in the solution section above.
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2014-0494).
Acknowledgments
Adobe would like to thank Mario Gomes working with Beyond Security's SecuriTeam Secure Disclosure Project for reporting this issue and for working with Adobe to help protect our customers.