Adobe Security Bulletin

Release date: June 16, 2015

Vulnerability identifier: APSB15-13

Priority: See table below

CVE number: CVE-2015-3110, CVE-2015-3111, CVE-2015-3112

Platform: Windows and Macintosh

Adobe has released an update for Adobe Bridge CC for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

Adobe Bridge CC (6.1) and earlier versions for Windows and Macintosh.

Adobe recommends users update their software installation via the application's update mechanism by launching the application, navigating to the Help menu and clicking "Updates".  For more information, please reference the following help page.

Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:

These updates address a critical vulnerability in the software.

Adobe has released an update for Bridge CC for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Adobe recommends users update their product installations to the latest version.

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-3110).

These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2015-3112).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2015-3111).

Adobe would like to thank Francis Provencher of Protek Research Labs (CVE-2015-3110, CVE-2015-3111, CVE-2015-3112) for reporting these issues and for working with Adobe to help protect our customers.