Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches.

Adobe patched its free Reader and commercial Acrobat software this week to plug the latest in what one researcher called an u201cepidemicu201d of JavaScript vulnerabilities.

Adobe’s security response team is scrambling to investigate new public reports of a new zero-day vulnerability affecting uses of its widely deployed PDF Reader software. In a brief note posted ...

Adobe's Acrobat and Acrobat Reader packages are currently under attack from a JavaScript-based exploit, similar to one which afflicted the software back in June.

Adobe acknowledged that all versions of Reader and Acrobat contain at least one critical vulnerability.

According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild.

Sophos - an IT security and data protection firm, has reportedly counseled software provider Adobe to start disabling JavaScript in its products by default. This is in direct reaction to the most ...

Adobe, although they have admitted to the flaw, has not given a time line for fixing the affected applications with include Acrobat (Reader as well) 9.1, 8.1.4, 7.1.1 and earlier.