Release date:
Updated on:
Affected Systems:
Adobe Shockwave Player <12.0.7.148
Description:
--------------------------------------------------------------------------------
Bugtraq id: 65490
CVE (CAN) ID: CVE-2014-0500
Adobe Shockwave Player is a software used to play web content created using Macromedia and Adobe ctor.
Adobe Shockwave Player 12.0.7.148 and earlier versions have the Remote Memory Corruption Vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of affected application users.
<* Source: Liangliang Song
Link: http://secunia.com/advisories/56740/
Http://helpx.adobe.com/security/products/shockwave/apsb14-06.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (apsb14-06) and patches for this:
Apsb14-06: Adobe Shockwave Player Security Update for February 2014
Link: http://helpx.adobe.com/security/products/shockwave/apsb14-06.html
Http://get.adobe.com/shockwave/