Skip to main content

Adobe Shockwave Player Multiple Vulnerabilities

Last Update Date: 24 Oct 2012 11:23 Release Date: 24 Oct 2012 4811 Views

RISK: High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in Adobe Shockwave Player. A remote user can cause arbitrary code to be executed on the target user's system.  

  1. A remote user can create specially crafted content that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
  2. A remote user can create specially crafted content that, when loaded by the target user, will trigger an out-of-bounds array error and execute arbitrary code on the target system.

Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Shockwave Player version 11.6.7.637 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version Adobe Shockwave Player version 11.6.8.638

Vulnerability Identifier


Source


Related Link