VUPEN Vulnerability Research Team discovered eleven critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to integer overflows, array indexing, and memory corruption errors when processing malformed Shockwave or Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
c2ffc80cdc36096e80f2c00c27491571ea28746b9e6cc10037e4cfabbf25a862
Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an array indexing error when processing Shockwave files. This can be exploited to corrupt memory when a specially crafted Shockwave file (e.g. ".dir") is opened. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
aaccf5333966fa257d1abf65746a2b24762c1eea4ffaf39c72989322d81409fd
iDefense Security Advisory 05.11.10 - Remote exploitation of a heap memory indexing vulnerability in Adobe Systems Inc.'s Shockwave Player could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability takes place during the processing of a certain malformed file. A function calculates an offset to be used within a memory mapped file and returns the offset value. The return value is not checked. This can lead to a condition where an attacker is able to overwrite memory outside the bounds of the allocated memory map. iDefense has confirmed the existence of this vulnerability in the latest version of Shockwave Player at the time of testing, version 11.5.6r606. Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh are vulnerable.
d94b185f92bdc137032a8bcdd7bb769637e8dacb78286c282baa5d43828cc72b
Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used extern to signed integer. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.
cf8e78b21a4eb4ac23bd52a6d488b0cc6e64d0a9c2ab1359260c09254c4e44f0