[IT 알아보기]/보안 이슈

[보안 이슈] Adobe 제품 보안 업데이트 권고

이호스트ICT 2021. 9. 27. 13:06

 

 

□ 개요
 o Adobe 社는 자사 제품에서 발생하는 취약점을 해결한 보안 업데이트 발표 [1]
 o 낮은 버전을 사용중인 시스템 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고
 
□ 설명
 o Photoshop에서 버퍼오버플로우로 인해 발생하는 임의코드실행 취약점(CVE-2021-40709) [2]
 o Experience Manager에서 XSS로 인해 발생하는 임의코드실행 취약점(CVE-2021-40711) 등 4개 [3]
 o Genuine Service에서 권한검증이 미흡하여 발생하는 권한상승 취약점(CVE-2021-40708) [4]
 o Digital Editions에서 명령어 삽입으로 인해 발생하는 임의코드실행 취약점(CVE-2021-39826) 등 3개 [5]
 o Premiere Elements에서 메모리 처리가 미흡하여 발생하는 임의코드실행 취약점(CVE-2021-39824) 등 3개 [6]
 o Creative Cloud Desktop Application에서 권한검증이 미흡하여 발생하는 임의파일 쓰기 취약점(CVE-2021-28613) [7]
 o ColdFusion에서 접근통제가 미흡하여 발생하는 보안기능 우회 취약점(CVE-2021-40699) 등 2개 [8]
 o Framemaker에서 경계값을 벗어난 쓰기로 인해 발생하는 임의코드실행 취약점(CVE-2021-39829) 등 8개 [9]
 o InDesign에서 경계값을 벗어난 읽기로 인해 발생하는 임의코드실행 취약점(CVE-2021-39821) 등 3개 [10]
 o SVG-Native-Viewer에서 버퍼오버플로우로 인해 발생하는 임의코드실행 취약점(CVE-2021-39823) [11]
 o InCopy에서 메모리 처리가 미흡하여 발생하는 임의파일 쓰기 취약점(CVE-2021-39819) 등 2개 [12]
 o Premiere Pro에서 메모리 처리가 미흡하여 발생하는 임의코드실행 취약점(CVE-2021-40710) 등 2개 [13]
 o Acrobat and Reader에서 Use-after-free로 인해 발생하는 임의코드실행 취약점(CVE-2021-39859) 등 26개 [14]
 o XMP Toolkit SDK에서 경계값을 벗어난 읽기로 인해 발생하는 임의파일 읽기 취약점(CVE-2021-40716) [15]
 
□ 영향을 받는 버전 및 제품

※ 아래의 Adobe 참고사이트에서 “Solution”의 “Availability” 항목 참고하여 업데이트 수행

□ 기타 문의사항
 o 한국인터넷진흥원 사이버민원센터: 국번없이 118
 
[참고사이트]
[1] https://helpx.adobe.com/security.html
[2] https://helpx.adobe.com/security/products/photoshop/apsb21-84.html
[3] https://helpx.adobe.com/security/products/experience-manager/apsb21-82.html
[4] https://helpx.adobe.com/security/products/integrity_service/apsb21-81.html
[5] https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html
[6] https://helpx.adobe.com/security/products/premiere_elements/apsb21-78.html
[7] https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html
[8] https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html
[9] https://helpx.adobe.com/security/products/maker/apsb21-74.html
[10] https://helpx.adobe.com/security/products/indesign/apsb21-73.html
[11] https://helpx.adobe.com/security/products/svg-native-viewer/apsb21-72.html
[12] https://helpx.adobe.com/security/products/incopy/apsb21-71.html
[13] https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html
[14] https://helpx.adobe.com/security/products/acrobat/apsb21-55.html
[15] https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html


□ 작성 : 침해사고분석단 취약점분석팀