Shockwave Player Arbitrary Code Execution Vulnerability

Posted on Wednesday, June 24, 2009 @ 20:12:51 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA35544

VERIFY ADVISORY: http://secunia.com/advisories/35544/

CRITICAL: Highly Critical

DESCRIPTION: A vulnerability has been reported in Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is reported in versions prior to 11.5.0.600. The vulnerability is caused due to an unspecified error when processing Shockwave Player 10 content and can be exploited to execute arbitrary code.

SOLUTION: Uninstall versions prior to 11.5.0.600, restart the system, and install version 11.5.0.600: http://get.adobe.com/shockwave/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul Kurczaba, reported via ZDI.

ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb09-08.html
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 369,748,386
  • Today: 55,540
Server InfoServer Info
  • Oct 20, 2018
  • 01:12 pm PDT
 
 

Daily Inspiration