Bulletin ID
Cập nhật gần đây nhất vào
26 thg 12, 2022
Security Bulletin for Adobe Campaign | APSB19-28
|
|
Date Published |
Priority |
|
APSB19-28 |
June 11, 2019 |
3 |
Summary
Adobe has released a security update for Adobe Campaign Classic. This update addresses vulnerabilities rated Critical, Important and Moderate that could result in arbitrary code execution.
Affected versions
|
Product |
Affected version |
Platform |
|
Adobe Campaign Classic |
18.10.5-8984 (and earlier versions) |
Windows and Linux |
Solution
Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:
|
Product |
Updated version |
Platform |
Priority rating |
Availability |
|
Adobe Campaign |
19.1.4-9031 |
Windows and Linux |
3 |
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
|
Insufficient input validation |
Information Disclosure |
Important |
CVE-2019-7843 |
|
Improper error handling |
Information Disclosure |
Moderate |
CVE-2019-7846 |
|
Inadequate access control |
Information Disclosure |
Moderate |
CVE-2019-7848 |
|
Command injection |
Arbitrary Code Execution |
Critical |
CVE-2019-7850 |
Acknowledgments
Adobe would like to thank Olivier Guerra of Aon's Cyber Solutions for reporting this issue (CVE-2019-7843) and for working with Adobe to help protect our customers.
Revisions
June 14, 2019: Removed reference to CVE-2019-7849. This CVE was erroneously included in the original bulletin content.
July 31, 2019: Changed updated version from 19.1.1-9026 to 19.1.4-9031 due to regression in the former.
August 15, 2019: Updated Severity of CVE-2019-7850 to Critical.
August 19, 2019: Removed references to CVE-2019-7941 & CVE-2019-7847. These CVEs were erroneously included in the original bulletin content.
May 14, 2020: Modified the summary to reflect the critical, important and moderate severity vulnerabilities referenced in this bulletin.
