Alert GCSA-21124 - Adobe Security Bulletin - Novembre 2021

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

alert ID: GCSA-21124
data: 11 novembre 2021
titolo: Adobe Security Bulletin - Novembre 2021

******************************************************************

:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
per risolvere 4 vulnerabilita', delle quali 2 di livello critico.

APSB21-87 Security hotfix available for Adobe RoboHelp
APSB21-110 Security update available for Adobe InCopy
APSB21-111 Security update available for Adobe Creative Cloud Desktop

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato

RoboHelp Server RHS2020.0.1 e versioni precedenti
InCopy.16.4 e versioni precedenti
Creative Cloud Desktop Application 5.5 e versioni precedenti


:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Denial of Service (DoS)


:: Soluzioni

Aggiornare i software alle ultime versioni

RoboHelp Server RHS2020.0.2
InCopy.17.0
Creative Cloud Desktop Application 5.6


:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/robohelp-server/apsb21-87.html
https://helpx.adobe.com/security/products/incopy/apsb21-110.html
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html

Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43017


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYY0f+AAKCRDBnEyTZRJg
QliaAJ9ik4VAWFX46g6D/jQyyI/SFzxcCgCdFr+hR/Qji5p3sDsdKF4hFNEz0Js=
=Im6Z
-----END PGP SIGNATURE-----