It also contains references to other records. mmap records contains offsets and lengths of all other records. dir media file (duplicated KEY* reference in mmap record)Īdobe Shockwave Player is the Adobe plugin to many different browsers to view rich-media content on the web including animations, interactiveĪdobe Shockwave Player does not properly parse. Memory corruption when Adobe Shockwave Player parses. This vulnerability was discovered by Michael Golub and researched by Rodrigo Rubira Branco from Check Point Vulnerability Discovery Team (VDT). Important to note that a previous vulnerability discovered by To trigger the problem a PoC file (repro12.dir) is available to interested parties. ![]() We used the following values to calculate the scores:īase score is: AV:N/AC:L/Au:N/C:C/I:C/A:C Shockwave Player version 11.5.8.612, Module DIRAPI.dll on WinXP_PT SP3 Internet Explorer. This problem was confirmed in the following versions of Adobe Shockwave Player and Windows, other versions may be also affected. dir media file, which causes a corruption in module DIRAPI.dll by opening a malformed file with an invalid element size. dir media file (mmap_element_size)Īdobe Shockwave Player is the Adobe plugin to many different browsers to view rich-media content on the web including animations, interactive presentations, and online entertainment.Īdobe Shockwave Player does not properly parse. ![]() Please update to the latest Shockwave Player Shockwave 12.0.2.122.Change Mirror Download =Ĭheck Point Software Technologies - Vulnerability Discovery Team (VDT) and earlier versions should install the 26.2 MB update to Adobe AIR 3.7 (Macintosh). We recommend the users of Adobe Flash Player 11.6.602.180 and earlier versions for Mac OS X should update to Adobe Flash Player 11.7.700.169. The hotfix also resolves a vulnerability that could be exploited to impersonate an authenticated user.The hotfix for shockwave player resolves an issue that could be used by an unauthorized user to gain access to ColdFusion administrator console.Memory leakage vulnerability that could be exploited to reduce the effectiveness of address space randomization, which exposes the key data areas in the device to attacks.Memory corruption vulnerability that could be used by attackers to infect the device. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |