Shockwave Player critical holes closed
Adobe has updated Shockwave Player on Windows and Mac OS X to version 11.6.4.634 after identifying nine critical vulnerabilities. The problems affect Shockwave Player 11.6.3.633 and all earlier versions on Windows and Mac OS X – Adobe recommend updating to the new release by downloading it from get.adobe.com/shockwave. To identify whether Shockwave Player is installed on a system, users should visit the test page on Adobe's site.
The majority of the problems are in the Shockwave 3D Asset where seven memory corruption vulnerabilities could lead to code execution; these were all reported by Hongnang Ren of FortiGuard Labs. An eighth memory corruption issue and a heap overflow vulnerability, both of which could also lead to code execution, were reported by "instruder" of vulnhunt.com and bring the flaw tally up to nine.
See also:
- Security update available for Adobe Shockwave Player, Adobe Security Bulletin.
(djwm)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
