Bulletin ID
Security Updates Available for Adobe Digital Editions | APSB21-80
Bulletin ID |
Date Published |
Priority |
---|---|---|
APSB20-80 |
September 14, 2021 |
3 |
Product |
Version |
Platform |
---|---|---|
Adobe Digital Editions |
4.5.11.187646 and below |
macOS |
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
Adobe Digital Editions |
4.5.11.187658 |
MacOS |
3 |
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) |
Privilege Escalation |
Important |
5.8 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N |
CVE-2021-39828 |
Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) |
Arbitrary file system write |
Critical |
6.5 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-39827 |
OS Command Injection (CWE-78) |
Arbitrary code execution |
Critical |
8.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
CVE-2021-39826 |
Adobe would like to thank the following security researchers for reporting these issues and for working with Adobe to help protect our customers.
October 4, 2021: Updated CVSS base score and vector for CVE-2021-39827.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com
Prisijunkite prie savo paskyros