Release date:
Updated on:
Affected Systems:
Adobe Shockwave Player <12.0.0.112
Description:
--------------------------------------------------------------------------------
Bugtraq id: 58971
CVE (CAN) ID: CVE-2013-1383, CVE-2013-1384, CVE-2013-1385, CVE-2013-1386
Adobe Shockwave Player is a software used to play web content created using Macromedia and Adobe ctor.
Adobe Shockwave Player earlier than 12.0.2.122 has the buffer overflow vulnerability, memory corruption vulnerability, and information leakage vulnerability. Attackers can exploit this vulnerability to execute arbitrary code.
<* Source: Honggang Ren
Aaron Portnoy
Link: http://www.adobe.com/support/security/bulletins/apsb13-12.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (apsb13-12) and patches for this:
Apsb13-12: Security update available for Adobe Shockwave Player
Link: http://www.adobe.com/support/security/bulletins/apsb13-12.html