In association with heise online

09 November 2011, 17:09

Adobe closes critical holes in Shockwave

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Shockwave logo

Adobe has updated its Shockwave player to version, closing several critical security holes that allowed attackers to inject malicious code into a victim's system. Two of the holes are contained in the Director's DIRapi library, while another can be found in the TextXtra module. All the holes are memory corruption vulnerabilities and were confidentially reported to Adobe by security researchers. The company is currently keeping the details under wraps.

As the Shockwave player is incorporated as an add-on in many browsers, just visiting a specially crafted web page is enough for a computer to become infected. Versions up to and including for Windows and Mac OS X are affected. Users can find out which version of the Shockwave plug-in they are currently using by visiting Adobe's test page in their browser.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit