what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

iDEFENSE Security Advisory 2010-05-11.1
Posted May 12, 2010
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 05.11.10 - Remote exploitation of a heap memory indexing vulnerability in Adobe Systems Inc.'s Shockwave Player could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability takes place during the processing of a certain malformed file. A function calculates an offset to be used within a memory mapped file and returns the offset value. The return value is not checked. This can lead to a condition where an attacker is able to overwrite memory outside the bounds of the allocated memory map. iDefense has confirmed the existence of this vulnerability in the latest version of Shockwave Player at the time of testing, version 11.5.6r606. Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh are vulnerable.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2010-0129
MD5 | 61df35a3577610c8d3da381d7d4a63c3
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Stopped Using Floppy Disks To Manage Nuclear Weapons Arsenal
Posted Oct 19, 2019

tags | headline, government, usa, military
Zappos Offers Users 10% Discount In 2012 Breach Settlement
Posted Oct 18, 2019

tags | headline, hacker, privacy, data loss, identity theft
Cryptocurrency Execs Charged With Running $11 Million Ponzi Scheme
Posted Oct 18, 2019

tags | headline, bank, cybercrime, fraud, cryptography
How The Wheels Came Off Facebook's Libra Project
Posted Oct 18, 2019

tags | headline, government, bank, facebook, social, cryptography
Samsung Bug Allows Any Fingerprint To Unlock Phones
Posted Oct 18, 2019

tags | headline, phone, flaw, password, samsung
Dancho Danchev Launches New Uncle George Initiative
Posted Oct 17, 2019

tags | headline, hacker, cybercrime, fraud
Oracle Patches 218 Security Vulnerabilities
Posted Oct 17, 2019

tags | headline, database, flaw, patch, oracle
SHIELD Act Passes Committee
Posted Oct 17, 2019

tags | headline, government, usa, fraud
Cozy Bear Is Back In Action Again
Posted Oct 17, 2019

tags | headline, government, usa, russia, fraud, cyberwar, facebook, social
Cybercrime Tool Prices Bump Up In Dark Web Markets
Posted Oct 17, 2019

tags | headline, hacker, cybercrime, fraud
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close