Adobe Digital Editions < 4.5.6 Multiple Vulnerabilities (APSB17-27) (macOS)
Critical Nessus Plugin ID 102325
SynopsisAn application installed on the the remote macOS or Mac OS X host is affected by multiple vulnerabilities.
DescriptionThe version of Adobe Digital Editions installed on the remote macOS or Mac OS X host is prior to 4.5.6. It is, therefore, affected by multiple vulnerabilities :
- An XML external entity (XXE) parsing flaw exists that can lead to information disclosure. (CVE-2017-11272)
- An unspecified buffer overflow vulnerability may result in the execution of arbitrary code. (CVE-2017-11274)
- Multiple unspecified memory corruption flaws exist that can cause a memory address disclosure. (CVE-2017-3091, CVE-2017-11275, CVE-2017-11276, CVE-2017-11277, CVE-2017-11278, CVE-2017-11279, CVE-2017-11280)
SolutionUpgrade to Adobe Digital Editions version 4.5.6 or later.