Update Plugs Critical Security Holes in Adobe Shockwave Player
Article by George Norman
On 04 Nov 2009
Adobe announced that it uncovered several critical security vulnerabilities in Adobe Shockwave Player version 11.5.1.601 and previous versions. If successfully exploited by a person with malicious intent, these vulnerabilities could be used to run malicious code on the targeted machine. To prevent such an event from occurring the California-based company that specializes in creating multimedia and creativity software products has released Adobe Shockwave Player 11.5.2.602

“Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.1.601 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations using the instructions provided below. Adobe recommends Shockwave Player users install Shockwave Player version 11.5.2.602,” announced Adobe.

Advertising

Here is a more in-depth look at the vulnerabilities the Adobe Shockwave Player 11.5.2.602 update fixes:

CVE-2009-3463
Invalid index vulnerability that could potentially lead to code execution

CVE-2009-3464, CVE-2009-3465
Invalid pointer vulnerabilities that could potentially lead to code execution

CVE-2009-3466
Invalid string length vulnerability that could potentially lead to code execution

CVE-2009-3244
Boundary condition issue that could lead to a Denial of Service (DoS) issue


Just to put things in perspective, Adobe uses a 4 tier security rating:
Low – the vulnerability is extremely hard to exploit; if exploited it has a minimal impact on the software and the user.
Moderate – the vulnerability is difficult to exploit; exploiting the vulnerability is directly related to certain factors (default configuration, auditing, etc).
Important – the vulnerability could compromise data security; the attacker could gain access to sensitive information or could compromise processing resources.
Critical – the vulnerability can be used to run malicious native-code without the user realizing anything wrong is happening.

If you would like to get Adobe Shockwave Player 11.5.2.602, a download location is available here.



Tags: Adobe, Adobe Shockwave Player, Update, Security
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 31 May 2017
Having lots of devices connected to your network and the internet isn't a problem, as long as you keep the bad guys out of the picture. That’s crucial, because they'll exploit any vulnerability that they can find.
By George Norman on 17 Jul 2017
If you want top notch protection for your Windows computer, you can’t go wrong by getting something developed by the internationally renowned security company Kaspersky Lab. The problem is that…
By George Norman on 21 Jul 2017
Unto the Evil, Hell Followed and Bloodfall, the 3 multiplayer DLCs that used to cost money, are now free for anyone who owns the brutally fun first person shooter, Doom. And that’s not all that Update 6.66 has to offer.
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Update Plugs Critical Security Holes in Adobe Shockwave Player
HTML Linking Code