Relating to this vendor:
And, this specific program:
Adobe Photoshop CS5 12.x
|Shepherd_france||Adobe Creative Suite CS5: vulnerability in Java JRE version installed|
|27th May, 2010 01:34|
User Since: 27th May, 2010
System Score: N/A
Last edited on 27th May, 2010 01:50
After Photoshop CS5 installation (using Creative Suite Design Premium DVD), I had the bad surprise to see the following Secunia PSI alerts (French to English translation):
Sun Java JRE 1.6.x / 6.x (needs to be uninstalled)
Sun Java JRE 1.6.x / 6.x software (needs to be uninstalled) is vulnerable and could threat your computer security !
Secunia highly recommends to update this software by installing patch vendor.
Version of JRE detected: 18.104.22.168 (Secunia advisory: SA37255)
This alert shows up twice for following paths:
I launched Adobe Updater: no patch available (products are up-to-date). I called Adobe technical support who was not informed about this problem and told me that each software had vulnerabilities anyway. What an answer!
Java v6.0.20 (last version available) was already installed on my system before Adobe Creative Suite Design Premium CS5 installation.
Though Firefox plugins window displays Java Deployment Toolkit v22.214.171.124 and Java Platform SE6 U 20 v126.96.36.199, vulnerabilities are also reported in the Secunia browsers tab.
I don't know how to patch twice this same vulnerability since JRE is there part of Adobe application folders. For Java updater, of course version installed is up-to-date.
I don't know either if there is a workaround (without creating problem running Adobe programs).
Please Secunia, help would be more than welcome.
Thank you :-).
PS: obviously I'm not the only one to meet this problem. See lkupersmith comments on Adobe forum
|taffy078||RE: Adobe Creative Suite CS5: vulnerability in Java JRE version installed|
|27th May, 2010 07:07|
User Since: 26th Feb 2009
System Score: 100%
Last edited on 27th May, 2010 07:10
|Hi - and welcome to Secunia.
This section - Vulnerabilities - is used by Secunia to provide information about vulnerabilities.
It is most unlikely that any member will post a reply here.
What you now need to do is to create a new thread in Programs.
When you do that & input the vendor's name, please allow a second or two for the screen to refresh and give you a list of programs.
I see you've already searched and seen some of the issues with this common problem. I'm sure that the teccie guys will soon sort it out for you when they get here, and when you have re-posted it!
If this solves your problem for now please close this thread by choosing ACCEPT so you & I won't receive unnecessary update emails.
taffy078, West Yorkshire, UK
Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v188.8.131.5203
Laptop: Win 7 / IE11 / PSI v184.108.40.20603
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.