====================================================================

                             CERT-Renater

                 Note d'Information No. 2020/VULN196
_____________________________________________________________________

DATE                : 15/04/2020

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Adobe After Effects versions prior
                                    to 17.0.6.

=====================================================================
https://helpx.adobe.com/security/products/after_effects/apsb20-21.html
_____________________________________________________________________

 Security Updates Available for Adobe After Effects | APSB20-21

Bulletin ID 	Date Published 	Priority
APSB20-21 	April 14, 2020 	3


Summary

Adobe has released an update for Adobe After Effects for Windows and
macOS. This update resolves an important out-of-bounds read
vulnerability that could lead to information disclosure in the context
of the current user. 

 
Affected Versions

Product               Version                           Platform
Adobe After Effects   17.0.1 and earlier versions       Windows


Solution

Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version via the
Creative Cloud desktop app’s update mechanism.  For more information,
please reference this help page.


Product 	Version 	Platform 	Priority Rating 	Availability

Adobe After Effects    17.0.6 	Windows and macOS   3    Download Center


For managed environments, IT administrators can use the Admin Console to
deploy Creative Cloud applications to end users. Refer to this help page
for more information.


Vulnerability details

Vulnerability Category 	Vulnerability Impact  Severity   CVE Numbers

Out-of-Bounds Read   Information Disclosure  Important  CVE-2020-3809


Acknowledgments

Adobe would like to thank Mat Powell & Michael DePlante of Trend Micro
Zero Day Initiative for reporting these issues and for working with
Adobe to help protect our customers.


=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================