Adobe Shockwave Player APSB12-13 Multiple Memory Corruption Vulnerabilities

Bugtraq ID:	53420
Class:	Unknown
CVE:	CVE-2012-2029 CVE-2012-2030 CVE-2012-2031 CVE-2012-2032 CVE-2012-2033
Remote:	Yes
Local:	No
Published:	May 08 2012 12:00AM
Updated:	May 09 2012 10:00PM
Credit:	Rodrigo Rubira Branco of Qualys Vulnerability & Malware Research Labs and Honggang Ren of Fortinet's FortiGuard Labs
Vulnerable:	Adobe Shockwave Player 11.5.7 .609 Adobe Shockwave Player 11.5.6 .606 Adobe Shockwave Player 11.5.2 .606 Adobe Shockwave Player 11.5.2 .602 Adobe Shockwave Player 11.5.1 .601 Adobe Shockwave Player 11.5 .601 Adobe Shockwave Player 11.5 .600 Adobe Shockwave Player 11.5 .596 Adobe Shockwave Player 11.6.3.633 Adobe Shockwave Player 11.6.0.626 Adobe Shockwave Player 11.5.9.620 Adobe Shockwave Player 11.5.9.615 Adobe Shockwave Player 11.5.8.612 Adobe Shockwave Player 11.5.0.595 Adobe Shockwave Player 11.0.3.471 Adobe Shockwave Player 11.0.0.456 Adobe Shockwave Player 11
Not Vulnerable:	Adobe Shockwave Player 11.6.4.634

Adobe Shockwave Player APSB12-13 Multiple Memory Corruption Vulnerabilities

Adobe Shockwave Player is prone to multiple memory corruption vulnerabilities.

Attackers can exploit these issues to crash the affected application and execute arbitrary code within the context of the affected application.

Versions prior to Adobe Shockwave Player 11.6.4.634 are vulnerable.

Adobe Shockwave Player APSB12-13 Multiple Memory Corruption Vulnerabilities

Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Adobe Shockwave Player APSB12-13 Multiple Unspecified Memory Corruption Vulnerabilities

Solution:
Updates are available. Please see the references for details.

Adobe Shockwave Player APSB12-13 Multiple Unspecified Memory Corruption Vulnerabilities

References:

• Adobe Homepage (Adobe)
  
• Security update available for Adobe Shockwave Player (Adobe)