Added on 04 Nov 2009(152 Views)
Adobe announced that it uncovered several critical security vulnerabilities in Adobe Shockwave Player version 11.5.1.601 and previous versions. If successfully exploited by a person with malicious intent, these vulnerabilities could be used to run malicious code on the targeted machine. To prevent such an event from occurring the California-based company that specializes in creating multimedia and creativity software products has released Adobe Shockwave Player 11.5.2.602“Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.1.601 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations using the instructions provided below. Adobe recommends Shockwave Player users install Shockwave Player version 11.5.2.602,” announced Adobe.
Here is a more in-depth look at the vulnerabilities the Adobe Shockwave Player 11.5.2.602 update fixes:
CVE-2009-3463
Invalid index vulnerability that could potentially lead to code execution
CVE-2009-3464, CVE-2009-3465
Invalid pointer vulnerabilities that could potentially lead to code execution
CVE-2009-3466
Invalid string length vulnerability that could potentially lead to code execution
CVE-2009-3244
Boundary condition issue that could lead to a Denial of Service (DoS) issue
Just to put things in perspective, Adobe uses a 4 tier security rating:
Low – the vulnerability is extremely hard to exploit; if exploited it has a minimal impact on the software and the user.
Moderate – the vulnerability is difficult to exploit; exploiting the vulnerability is directly related to certain factors (default configuration, auditing, etc).
Important – the vulnerability could compromise data security; the attacker could gain access to sensitive information or could compromise processing resources.
Critical – the vulnerability can be used to run malicious native-code without the user realizing anything wrong is happening.
If you would like to get Adobe Shockwave Player 11.5.2.602, a download location is available here.
Don't forget to:
RSSTags: Adobe, Adobe Shockwave Player, Update, Security
Link to this article:
Comments
Yinka Labinjo - 04 Nov 2009 20:29
Do we have to update our flash players?
Add comment:
Software News
Chromium OS Goes Open-Source
This summer Google let the world know that it is working on a new operating system meant for the user that spends most of his time online. The operating system – aptly named Chrome OS because it is a natural extension...
This summer Google let the world know that it is working on a new operating system meant for the user that spends most of his time online. The operating system – aptly named Chrome OS because it is a natural extension...
20 Nov 2009
Office 2010 Beta Downloads Available to the Public
Earlier this week Redmond-based software giant Microsoft announced that Office 2010 became available for download as a Beta. The catch was that only ...
Earlier this week Redmond-based software giant Microsoft announced that Office 2010 became available for download as a Beta. The catch was that only ...
20 Nov 2009
Mozilla Releases: Firefox 3.6 Beta 3
The development process of the Firefox 3.6 browser is moving along rapidly. The first Beta version was released at the start of the month; Beta 2 was released about two weeks after Beta 1. About a week has passed since...
The development process of the Firefox 3.6 browser is moving along rapidly. The first Beta version was released at the start of the month; Beta 2 was released about two weeks after Beta 1. About a week has passed since...
20 Nov 2009
New Labs Feature for Gmail: Green Robot!
The software developers at Google have announced the release of a new Gmail Labs offering called Green Robot! This new offering is meant to improve the Gmail Chat user experience by letting the ...
The software developers at Google have announced the release of a new Gmail Labs offering called Green Robot! This new offering is meant to improve the Gmail Chat user experience by letting the ...
20 Nov 2009
Opera Mobile 10 Beta for Windows Mobile Is Out Also
Opera Software, the company that we all know for making the innovative and feature rich Opera web browser, has released Opera Mobile 10 Beta for Windows Mobile-powered devices. This release follows in the...
Opera Software, the company that we all know for making the innovative and feature rich Opera web browser, has released Opera Mobile 10 Beta for Windows Mobile-powered devices. This release follows in the...
19 Nov 2009
Beta Testing is Over, Stable Version of Trillian for iPhone Released
The focus so far has been on desktop version of this multiprotocol instant messaging software application, Trillian Astra (version 4.1). Today is time to switch focus away from the desktop version and onto something a bit more...
The focus so far has been on desktop version of this multiprotocol instant messaging software application, Trillian Astra (version 4.1). Today is time to switch focus away from the desktop version and onto something a bit more...
19 Nov 2009
Recommended Tools
Registry Booster 2010 Enhanced, deeper and faster error scan performance. Now also in 5 languages! Free Scan
Driver Scanner 2009
Fast and easy, it boosts performance by scanning for, downloading & installing driver updates
Fast and easy, it boosts performance by scanning for, downloading & installing driver updates
SpeedUpMyPC 2009
How fast is your PC really running? Turbo-charge your Internet and PC performance here
How fast is your PC really running? Turbo-charge your Internet and PC performance here
Nero Burning ROM
LimeWire Basic
Yahoo! Messenger
Winamp
Mozilla Firefox
eMule
BitComet
iTunes
Google Earth
uTorrent