Update Plugs Critical Security Holes in Adobe Shockwave Player
Adobe announced that it uncovered several critical security vulnerabilities in Adobe Shockwave Player version 11.5.1.601 and previous versions. If successfully exploited by a person with malicious intent, these vulnerabilities could be used to run malicious code on the targeted machine. To prevent such an event from occurring the California-based company that specializes in creating multimedia and creativity software products has released Adobe Shockwave Player 11.5.2.602
“Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.1.601 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations using the instructions provided below. Adobe recommends Shockwave Player users install Shockwave Player version 11.5.2.602,” announced Adobe.
Here is a more in-depth look at the vulnerabilities the Adobe Shockwave Player 11.5.2.602 update fixes:
CVE-2009-3463
Invalid index vulnerability that could potentially lead to code execution
CVE-2009-3464, CVE-2009-3465
Invalid pointer vulnerabilities that could potentially lead to code execution
CVE-2009-3466
Invalid string length vulnerability that could potentially lead to code execution
CVE-2009-3244
Boundary condition issue that could lead to a Denial of Service (DoS) issue
Just to put things in perspective, Adobe uses a 4 tier security rating:
Low – the vulnerability is extremely hard to exploit; if exploited it has a minimal impact on the software and the user.
Moderate – the vulnerability is difficult to exploit; exploiting the vulnerability is directly related to certain factors (default configuration, auditing, etc).
Important – the vulnerability could compromise data security; the attacker could gain access to sensitive information or could compromise processing resources.
Critical – the vulnerability can be used to run malicious native-code without the user realizing anything wrong is happening.
If you would like to get Adobe Shockwave Player 11.5.2.602, a download location is available here.
Tags: Adobe, Adobe Shockwave Player, Update, Security
“Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.1.601 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations using the instructions provided below. Adobe recommends Shockwave Player users install Shockwave Player version 11.5.2.602,” announced Adobe.
Advertising
Here is a more in-depth look at the vulnerabilities the Adobe Shockwave Player 11.5.2.602 update fixes:
CVE-2009-3463
Invalid index vulnerability that could potentially lead to code execution
CVE-2009-3464, CVE-2009-3465
Invalid pointer vulnerabilities that could potentially lead to code execution
CVE-2009-3466
Invalid string length vulnerability that could potentially lead to code execution
CVE-2009-3244
Boundary condition issue that could lead to a Denial of Service (DoS) issue
Just to put things in perspective, Adobe uses a 4 tier security rating:
Low – the vulnerability is extremely hard to exploit; if exploited it has a minimal impact on the software and the user.
Moderate – the vulnerability is difficult to exploit; exploiting the vulnerability is directly related to certain factors (default configuration, auditing, etc).
Important – the vulnerability could compromise data security; the attacker could gain access to sensitive information or could compromise processing resources.
Critical – the vulnerability can be used to run malicious native-code without the user realizing anything wrong is happening.
If you would like to get Adobe Shockwave Player 11.5.2.602, a download location is available here.
Tags: Adobe, Adobe Shockwave Player, Update, Security
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 09 Sep 2011
Adobe, California-based company that specializes in creating multimedia and creativity software products supports its products for a time period of five years. The company announced yesterday
By George Norman on 28 Sep 2011
Great news for fans of properly good web browsers: the latest version of the Firefox browser to be released to the public is v 7.0
By George Norman on 05 Jan 2012
This is proof that there are a lot of threats on the web and the perfect example of why you should use a properly good security solution to secure your data against viruses and other malware
By George Norman on 28 Nov 2011
Back in August we were reporting that Avast has a grand total of 160 million registered Avast! Free Antivirus Users. Fabricia from Brazil, the 160 millionth user to register the free antivirus product was rewarded withAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Update Plugs Critical Security Holes in Adobe Shockwave Player
HTML Linking Code
HTML Linking Code