Skip to main content

Adobe Shockwave Player Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 4 Nov 2009 5433 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in Adobe Shockwave Player, which could be exploited by remote attackers to compromise a vulnerable system.

1. An invalid index when handling certain Shockwave content, which could be exploited to execute arbitrary code via a specially crafted web page.

2. An invalid pointer when processing certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.

3. An invalid pointer when handling certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.

4. A memory corruption related to string processing, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Shockwave Player 11.5.1.601 and earlier versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link