[PCWorks] Adobe Shockwave Player Multiple Vulnerabilities

• From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
• To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
• Date: Fri, 6 Nov 2009 00:31:08 -0600

TITLE:
Adobe Shockwave Player Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA37214

VERIFY ADVISORY:
http://secunia.com/advisories/37214/

DESCRIPTION:
Some vulnerabilities have been reported in Adobe Shockwave 
Player,
which can be exploited by malicious people to compromise a 
user's
system.

1) An error related to the use of an invalid index can be 
exploited
to potentially execute arbitrary code via specially crafted 
Shockwave
content.

2) An error related to the use of an invalid pointer can be 
exploited
to potentially execute arbitrary code via specially crafted 
Shockwave
content.

3) Another error related to the use an invalid pointer can be
exploited to potentially execute arbitrary code via specially 
crafted
Shockwave content.

4) An error when processing string lengths can be exploited to 
cause
a memory corruption and potentially execute arbitrary code.

NOTE: A boundary error which results in a crash was also 
reported.

The vulnerabilities are reported in version 11.5.1.601 and 
prior.

SOLUTION:
Update to version 11.5.2.602:
http://get.adobe.com/shockwave/

ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb09-16.html


=========================
The list's FAQ's can be seen by sending an email to 
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.

To unsubscribe, subscribe, set Digest or Vacation to on or off, go to 
//www.freelists.org/list/pcworks .  You can also send an email to 
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line.  Your 
member list settings can be found at 
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks .  Once logged in, you have 
access to numerous other email options.  

The list archives are located at //www.freelists.org/archives/pcworks/ .  
All email posted to the list will be placed there in the event anyone needs to 
look for previous posts.
-zxdjhu-

Other related posts:

• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities - Clint Hamilton-PCWorks Admin
• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities- Clint Hamilton-PCWorks Admin
• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities- Clint Hamilton-PCWorks Admin
• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities- Clint Hamilton-PCWorks Admin
• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities- Clint Hamilton-PCWorks Admin
• » [PCWorks] Adobe Shockwave Player Multiple Vulnerabilities- Clint Hamilton-PCWorks Admin

1. Home
2. pcworks
3. Archive
4. 11-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---