Number: AV18-060
Date: 10 April 2018
Purpose
The purpose of this advisory is to bring attention to recently published Adobe security bulletins.
Assessment
Adobe has released security updates for Adobe Flash Player, Experience Manager, InDesign, Digital Editions, ColdFusion and PhoneGap Push Plugin.
Affected products:
- Flash Player Desktop Runtime for Windows and Macintosh, versions 29.0.0.140 and earlier -Flash Player Desktop Runtime for Linux, versions 29.0.0.140 and earlier -Flash Player for Chrome, versions 29.0.0.140 and earlier -Flash Player for Edge and Internet Explorer 11, versions 29.0.0.140 and earlier.
- Experience Manager Version 6.3, 6.2, 6.1 and 6.0
- InDesign version 13.0 and below
- Digital Editions version 4.5.7 and below
- ColdFusion 2016 Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions
- PhoneGap Push Plugin version 1.8.0 and earlier versions.
CVE References: CVE-2018-4925, CVE-2018-4926, CVE-2018-4927,CVE-2018-4928, CVE-2018-4929, CVE-2018-4930, CVE-2018-4931, CVE-2018-4932, CVE-2018-4933, CVE-2018-4934, CVE-2018-4935, CVE-2018-4936, CVE-2018-4937, CVE-2018-4938, CVE-2018-4939, CVE-2018-4940, CVE-2018-4941, CVE-2018-4942, CVE-2018-4943
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
- https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
- https://helpx.adobe.com/security/products/experience-manager/apsb18-10.html
- https://helpx.adobe.com/security/products/indesign/apsb18-11.html
- https://helpx.adobe.com/security/products/Digital-Editions/apsb18-13.html
- https://helpx.adobe.com/security/products/coldfusion/apsb18-14.html
- https://helpx.adobe.com/security/products/phonegap/apsb18-15.html