You are here

V-131: Adobe Shockwave Player Multiple Vulnerabilities

April 11, 2013 - 6:00am

Addthis

PROBLEM:

Multiple vulnerabilities have been reported in Adobe Shockwave Player

PLATFORM:

The vulnerabilities are reported in versions 12.0.0.112 and prior

ABSTRACT:

This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system

REFERENCE LINKS:

Secunia Advisory: SA52981
Adobe Security Bulletin
CVE-2013-1383
CVE-2013-1384
CVE-2013-1385
CVE-2013-1386

IMPACT ASSESSMENT:

High

DISCUSSION:

This update resolves :

1) A buffer overflow vulnerability that could lead to code execution

2) Memory corruption vulnerabilities that could lead to code execution

3) Memory leakage vulnerability that could be exploited to reduce the effectiveness of address space randomization

IMPACT:

System access

SOLUTION:

Adobe recommends users of Adobe Shockwave Player 12.0.0.112 and earlier versions update to the newest version

Addthis