Severity Rating: High
Software Affected
•Adobe DNG Software Development Kit (SDK) versions 1.5 and earlier
Overview
Multiple vulnerabilities have been reported in Adobe DNG Software
Development Kit (SDK) for Windows and macOS which could be exploited by an
attacker to conduct remote code execution attacks or obtain sensitive
information of the target system.
Description
1. Multiple Heap Overflow Vulnerabilities ( CVE-2020-9589 CVE-2020-9590
CVE-2020-9620 CVE-2020-9621 )
Multiple vulnerabilities exist in Adobe DNG Software Development Kit (SDK)
due to a heap-based overflow error. A remote attacker could exploit these
vulnerabilities by convincing the user to execute a specially crafted
application resulting in buffer overflow conditions.
Successful exploitation of these vulnerabilities could allow the attacker
to execute arbitrary code on the target system.
2. Multiple Out-of-Bounds Read Vulnerabilities ( CVE-2020-9622
CVE-2020-9623 CVE-2020-9624 CVE-2020-9625. CVE-2020-9626
CVE-2020-9627 CVE-2020-9628 CVE-2020-9629 )
Multiple vulnerabilities exist in Adobe DNG Software Development Kit (SDK)
due to an out-of-bound read error. A remote attacker could exploit these
vulnerabilities by convincing the user to execute a specially crafted
application.
Successful exploitation of these vulnerabilities could allow the attacker
to obtain sensitive information on the target system.
Solution
Apply appropriate security updates as mentioned in the Adobe Security
Advisory APSB20-26
Vendor Information
Adobe
References
Adobe
Threatpost
digital-negative-sdk/155652/
CVE Name
CVE-2020-9589
CVE-2020-9590
CVE-2020-9620
CVE-2020-9621
CVE-2020-9622
CVE-2020-9623
CVE-2020-9624
CVE-2020-9625
CVE-2020-9626
CVE-2020-9627
CVE-2020-9628
CVE-2020-9629
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.
![Fwd: [CIVN-2020-0179] Denial of Service Vulnerability in the Cisco MDS 9000 Series Switches](http://3.bp.blogspot.com/-ZRo8fwgs65M/UZC2jMJpcLI/AAAAAAAAC5Y/EfoFQsr1wzU/s1600/BS+No+Image.gif )