Adobe Creative Cloud APSB18-12 Multiple Security Vulnerabilities

Bugtraq ID:	104103
Class:	Input Validation Error
CVE:	CVE-2018-4991 CVE-2018-4873 CVE-2018-4992
Remote:	Yes
Local:	Yes
Published:	May 08 2018 12:00AM
Updated:	May 08 2018 12:00AM
Credit:	Wei Wei (@Danny__Wei) of Tencent's Xuanwu Lab, Ryan Hileman of Talon Voice & Chi Chou, and Cyril Vallicari / HTTPCS �?? Ziwit
Vulnerable:	Adobe Creative Cloud 4.4.1.298 Adobe Creative Cloud 4.0.0.185 Adobe Creative Cloud 3.9.5.353 Adobe Creative Cloud 3.8.0.310 Adobe Creative Cloud 3.7.0.272 Adobe Creative Cloud 3.6.0.248 Adobe Creative Cloud 3.6.0.244 Adobe Creative Cloud 3.5.1.209 Adobe Creative Cloud 2.1
Not Vulnerable:	Adobe Creative Cloud 4.5.0.331

Adobe Creative Cloud APSB18-12 Multiple Security Vulnerabilities

Adobe Creative Cloud is prone to multiple security vulnerabilities.

Attackers can exploit these issues to gain elevated privileges or to bypass certain security restrictions and perform unauthorized actions.

Creative Cloud prior to 4.5.0.331 are vulnerable.

Adobe Creative Cloud APSB18-12 Multiple Security Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Adobe Creative Cloud APSB18-12 Multiple Security Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Adobe Creative Cloud APSB18-12 Multiple Security Vulnerabilities

References:

• Adobe Homepage (Adobe)
  
• Creative Cloud Product Page (Adobe)
  
• Security updates available for Creative Cloud Desktop Application | APSB18-12 (Adobe)