Ravens PHP Scripts

Shockwave Player Arbitrary Code Execution Vulnerability
Date: Wednesday, June 24, 2009 @ 21:12:51 CEST
Topic: Security


VERIFY ADVISORY: http://secunia.com/advisories/35544/

CRITICAL: Highly Critical

DESCRIPTION: A vulnerability has been reported in Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is reported in versions prior to The vulnerability is caused due to an unspecified error when processing Shockwave Player 10 content and can be exploited to execute arbitrary code.

SOLUTION: Uninstall versions prior to, restart the system, and install version http://get.adobe.com/shockwave/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul Kurczaba, reported via ZDI.

ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb09-08.html

This article comes from Ravens PHP Scripts

The URL for this story is: