Click for a hub of Extension resources related to the current COVID-19 situation.
COVID-19 Resources
Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Shockwave patch issued on May 11 – current version is 11.5.7.609

by Leave a Comment

http://secunia.com/advisories/38751/
The vulnerabilities are reported in versions 11.5.6.606 and prior on Windows and Macintosh.

Solution
Update to version 11.5.7.609.

Original Advisory
Adobe:
http://www.adobe.com/support/security/bulletins/apsb10-12.html

And don’t forget, it will by default install the google tool bar. You have to uncheck the box if you don’t want it.

Download location – http://get.adobe.com/shockwave/

DIR info

>>> “Luevano, Ana” <> 5/12/2010 9:33 AM >>>
MULTI-STATE INFORMATION SHARING AND ANALYSIS CENTER CYBER SECURITY
ADVISORY

 
MS-ISAC ADVISORY NUMBER:
2010-039

DATE(S) ISSUED:
5/12/2010 

SUBJECT:
Multiple Vulnerabilities in Adobe Shockwave Player Could Allow Remote
Code Execution

OVERVIEW:
Multiple vulnerabilities have been discovered in Adobe Shockwave Player
which could allow an attacker to take complete control of an affected
system. Adobe Shockwave Player is a prevalent multimedia application
used to display animations and video. These vulnerabilities may be
exploited if a user visits or is redirected to a specifically crafted
web page, or opens a specially crafted Shockwave (SWF) file. Successful
exploitation may result in an attacker gaining the same privileges as
the logged on user. Depending on the privileges associated with the
user, an attacker could then install programs; view, change, or delete
data; or create new accounts with full user rights.

 SYSTEMS AFFECTED:

*    Adobe Shockwave Player 11.5.6.606 and prior

 RISK:
Government:
*    Large and medium government entities: High
*    Small government entities: High

Businesses:
*    Large and medium business entities: High
*    Small business entities: High

 Home users: High
 

DESCRIPTION:
Eighteen security vulnerabilities have been identified in Adobe
Shockwave Player. These vulnerabilities may be exploited if a user
visits or is redirected to a specifically crafted web page, or opens a
specially crafted Shockwave (SWF) file.

The vulnerabilities are as follows:
*        There are 16 memory corruption vulnerabilities that could
result in remote code execution
*        A denial-of-service vulnerability that is caused by an infinite
loop.
*        An unspecified integer-overflow vulnerability could result in
remote arbitrary code execution.

 Successful exploitation of the remote code execution vulnerabilities
could result in an attacker gaining the same privileges as the logged on
user. Depending on the privileges associated with the user, an attacker
could then install programs; view, change, or delete data; or create new
accounts with full user rights.

 RECOMMENDATIONS:
We recommend the following actions be taken:

*    Apply appropriate updates provided by Adobe to vulnerable
systems immediately after appropriate testing.
*    Do not open email attachments from unknown or un-trusted
sources.
*    Do not visit un-trusted websites or follow links provided by
unknown or un-trusted sources.
*    Inform and educate users regarding the threats posed by
attachments and hypertext links contained in emails especially from
un-trusted sources.

REFERENCES:

Adobe:

http://www.adobe.com/support/security/bulletins/apsb10-12.html

Security Focus:

http://www.securityfocus.com/bid/40082

http://www.securityfocus.com/bid/40083

http://www.securityfocus.com/bid/40088

http://www.securityfocus.com/bid/40089

http://www.securityfocus.com/bid/40090

http://www.securityfocus.com/bid/40091

http://www.securityfocus.com/bid/40093

http://www.securityfocus.com/bid/40094

http://www.securityfocus.com/bid/40096

 

CVE:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0127

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0128

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0129

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0130

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0986

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0987

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1280

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1281

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1282

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1283

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1284

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1286

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1287

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1288

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1289

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1290

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1291

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1292

iDenfense Labs:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869

TippingPoint:

http://www.zerodayinitiative.com/advisories/ZDI-10-087

http://www.zerodayinitiative.com/advisories/ZDI-10-088
 

http://www.zerodayinitiative.com/advisories/ZDI-10-089
 

Leave a Reply