Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used extern to signed integer. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.
cf8e78b21a4eb4ac23bd52a6d488b0cc6e64d0a9c2ab1359260c09254c4e44f0