CVE-2022-38440 An out-of-bounds read vulnerability in Adobe Dimension versions 3.4.5 could let attackers read past the end of an allocated memory structure.

Adobe recommends users apply the update to their Creative Cloud version as soon as possible. Substantially, Adobe CC versions are now on version 11.1.x, 11.0.x, 10.1.x, 10.0.x, 9.0.x, 8.0.x, 7.1.x, and 7.0.x. From the Adobe advisory: Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Adobe recommends users apply the update to their Creative Cloud version as soon as possible. Substantially, Adobe CC versions are now on version 11.1.x, 11.0.x, 10.1.x, 10.0.x, 9.0.x, 8.0.x, 7.1.x, and 7.0.x. From the Adobe advisory: CVE-2018-4920 is the identifier assigned to this issue. Adobe is aware of confirmed details of the vulnerability being exploited in the wild. The latest updates for Adobe CC have been released. You may install the update through Creative Cloud desktop app, or directly from the Creative Cloud website.

References:

- Adobe Dimension: https://helpx.adobe.com/creative-cloud/kb/adobedimension-3-4-5.html
- CVE-2018-4920: https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4920

Creative Cloud Desktop App Update

To apply the update from the desktop app, please follow these steps:
-Click on "Creative Cloud" in the top left corner of your screen.
-Clicking on "Updates" will provide a list of available updates for you to install.
-Select "Adobe Dimension CC 2019 Update (Version 11.1.3)."
-Follow the prompts and click "Install."
-Enter your password when prompted, then click "Close."

Creative Cloud (CC)

Creative Cloud (CC) is a subscription service from Adobe that provides access to software, cloud storage, and production services. Creative Cloud is designed for designers, photographers, illustrators, videographers, filmmakers and other creative professionals who need an easy way to get their work done on a PC or Mac.
Creative Cloud provides access to the latest creative software and cloud storage space. These include Photoshop CC and Adobe Stock photos

Timeline

Published on: 10/14/2022 20:15:00 UTC
Last modified on: 10/14/2022 20:31:00 UTC

References