Vulnerabilities fixed in Adobe products

Adobe has fixed several vulnerabilities in After Effects, Creative Cloud, Illustrator, InDesign and Media Encoder. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

AZL-44814 CVE-2020-27823 affecting package openjpeg2 for versions less than 2.3.1-12

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

DEBIAN-CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ALPINE-CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

Input validation

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

DEBIAN-CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

Buffer overflow

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2020-27823

OpenJPEG2 contains CVE-2020-27823 affecting the OpenJPEG encoder. Connected advisories confirm multiple related issues (e.g., heap-buffer-overflow and out-of-bounds reads/writes) across OpenJPEG versions up to 2.4.0, with Affected packages including openjpeg2 and OpenJPEG 2.x components. The root...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2020-27824

OpenJPEG2 CVE-2020-27824 affects the encoder code path opj_dwt_calc_explicit_stepsizes(), where crafted input to decomposition levels can trigger a buffer overflow. The highest stated impact is to availability. Public advisories show remediations via updated openjpeg2 packages (e.g., Debian openj...

CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

Teradici PCoIP Graphics Agent 代码问题漏洞

Teradici PCoIP Graphics Agent is an agent program from Teradici Canada that delivers GPU-enabled physical and virtual workstations to end users via a remote client. A security vulnerability exists in Teradici PCoIP Graphics Agent version 21.03. The vulnerability stems from the program not...

Adobe Media Encoder < 15.2 Privilege escalation (APSB21-32)

The version of Adobe Media Encoder installed on the remote Windows host is prior to 15.2. It is, therefore, affected by a vulnerability as referenced in the APSB21-32 advisory. - Adobe Media Encoder version 15.1 and earlier is affected by an Out-of-bounds Read vulnerability when parsing a special...

CVE-2021-27383

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...