Adobe addressed 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products.
The IT giant patched five critical out-of-bounds write (CVE-2020-9660, CVE-2020-9662), out-of-bounds read (CVE-2020-9661) and heap overflow (CVE-2020-9637, CVE-2020-9638) vulnerabilities in After Effects that can be exploited by attackers to execute arbitrary code in the context of the targeted user.
The company also addressed five buffer errors (CVE-2020-9642) and memory corruption issues (CVE-2020-9575, CVE-2020-9641, CVE-2020-9640, CVE-2020-9639) in Illustrator that led to critical code execution vulnerabilities.