Adobe Security Bulletin

Release date: March 8, 2016

Vulnerability identifier: APSB16-06

Priority: 3

CVE number: CVE-2016-0954

Platform: Windows, Macintosh, iOS and Android

Adobe has released a security update for Adobe Digital Editions 4.5.0 and earlier versions. This update resolves a critical memory corruption vulnerability that could lead to code execution.

Product	Affected version	Platform
Adobe Digital Editions	4.5.0 and earlier versions	Windows, Macintosh, iOS and Android

Adobe categorizes this update with the following priority ratings and recommends users update their installation to the newest version:

Product	Updated version	Platform	Priority rating	Availability
		Windows	3	Download Page
Adobe Digital Editions	4.5.1	Macintosh	3	Download Page
		iOS	3	iTunes
		Android	3	Playstore

Customers using Adobe Digital Editions 4.5.0 on Windows can download the update from the Adobe Digital Editions download page, or utilize the product’s update mechanism when prompted. Customers using Digital Editions for iOS and Android can download the update from the respective app store.

For more information, please reference the release notes.

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2016-0954).

Adobe would like to thank Pier-Luc Maltais of COSIG (CVE-2016-0954) for reporting this issue and for working with Adobe to help protect our customers.

Adobe Security Bulletin

Security update available for Adobe Digital Editions

Summary

Affected versions

Solution

Vulnerability Details

Acknowledgments

Ask the Community

Contact Us