Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Multiple security vulnerabilities affecting numerous Adobe products (Acrobat Reader, InDesign, Connect, ColdFusion, FrameMaker, Photoshop, Illustrator, Bridge, DNG SDK, Experience Manager, and others) have been disclosed, including high-severity issues such as heap-based buffer overflows, use-after-free, prototype pollution, deserialization of untrusted data, and XSS; successful exploitation of the most severe flaws could allow arbitrary code execution in the context of the logged-on user and potentially enable installation of programs, data access or deletion, and account creation with elevated privileges.