CVE-2022-38432 Adobe Photoshop versions 22.5.8 and earlier are affected by a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user.

Adobe recommends installing the latest software update for these versions. Adobe Acrobat versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe Reader versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe XMP Panels versions 2.8.0 and earlier have XSS flaws that could result in a denial-of service condition. Adobe Creative Cloud versions after 2017.09.30 for Windows (17.3.0) have XSS flaws that could result in a denial-of-service condition. Adobe Digital Editions versions after 2017.06.21 for Windows (17.6.0) have XSS flaws that could result in a denial-of-service condition. Adobe ColdFusion versions (10.0.0 - 10) have XSS flaws that could result in a denial-of-service condition. Adobe XMP Panels versions 2.8.0 and earlier have XSS flaws that could result in a denial-of-service condition. Adobe Acrobat versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe Reader versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe XMP Panels versions 2.8.0 and earlier

Adobe Acrobat versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition.

Adobe Acrobat versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. For more information on this vulnerability, see CVE-2022-38432.

Products Affected

Adobe Acrobat versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe Reader versions 11.0.19 and earlier have a Cross-site scripting flaw that could result in a denial-of-service condition. Adobe XMP Panels versions 2.8.0 and earlier have XSS flaws that could result in a denial-of service condition. Adobe Creative Cloud versions after 2017.09.30 for Windows (17.3.0) have XSS flaws that could result in a denial-of service condition. Adobe Digital Editions versions after 2017.06.21 for Windows (17.6.0) have XSS flaws that could result in a denial-of service condition

Timeline

Published on: 09/16/2022 18:15:00 UTC
Last modified on: 09/20/2022 18:54:00 UTC

References

• https://helpx.adobe.com/security/products/photoshop/apsb22-52.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38432