Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities were disclosed across a range of Adobe products (After Effects, Commerce, Connect, Media Encoder, Premiere Pro, Substance 3D Designer/Painter/Sampler, Content Authenticity SDK, Illustrator), comprising buffer overflows, out-of-bounds reads/writes, use-after-free, integer overflows/underflows, SSRF, improper authorization/input validation, XSS, path traversal, deserialization issues, and uncontrolled resource consumption (many CVEs listed). Successful exploitation of the most severe issues could permit arbitrary code execution as the logged-on user, potentially allowing attackers to install programs, view/change/delete data, or create accounts depending on user privileges.