==================================================================== CERT-Renater Note d'Information No. 2018/VULN384 _____________________________________________________________________ DATE : 14/11/2018 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): windows, macOS running Adobe Photoshop CC versions prior to 19.1.7, 20.0. ===================================================================== https://helpx.adobe.com/security/products/photoshop/apsb18-43.html _____________________________________________________________________ Security updates available for Adobe Photoshop CC | APSB18-43 +----------------------------------------------------------------------------+ | Bulletin ID | Date Published | Priority | |-----------------------+----------------------------------+-----------------| |APSB18-43 |November 13, 2018 |3 | +----------------------------------------------------------------------------+ Summary Adobe has released updates for Photoshop CC for Windows and macOS. These updates resolve an important vulnerability in Photoshop CC 19.1.6 and earlier 19.x versions. Successful exploitation could lead to information disclosure. Affected Product Versions +-----------------------------------------------------------------------------+ | Product | Affected version | Platform | |--------------------+----------------------------+---------------------------| |Photoshop CC |19.1.6 and earlier |Windows and macOS | +-----------------------------------------------------------------------------+ Solution Adobe recommends users update their software installations via each application's update mechanism by launching each application, navigating to the Help menu, and clicking "Updates." For more information, please reference this help page. +-----------------------------------------------------------------------------+ | Product | Updated versions | Platform | |---------------------+--------------------------+----------------------------| |Photoshop CC |19.1.7 |Windows and macOS | |---------------------+--------------------------+----------------------------| |Photoshop CC |20.0 |Windows and macOS | +-----------------------------------------------------------------------------+ Note: For managed environments, IT administrators can use the Creative Cloud Packager to create deployment packages. Refer to this help page for more information on the Creative Cloud Packager. Version 19.1.7 will be available for download beginning in the evening Pacific Standard Time on November 13. Vulnerability details +----------------------------------------------------------------------+ | Vulnerability Category | Vulnerability Impact | Severity | CVE Number| |---------------------+-----------------------+----------+-------------| |Out-of-bounds read |Information disclosure |Important |CVE-2018-15980 | +----------------------------------------------------------------------+ Acknowledgments Adobe would like to thank Anonymous working with Trend Micro's Zero Day Initiative for reporting this issue and for working with Adobe to help protect our customers. ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================