In association with heise online

15 February 2012, 09:22

Shockwave Player critical holes closed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Adobe Shockwave logo

Adobe has updated Shockwave Player on Windows and Mac OS X to version after identifying nine critical vulnerabilities. The problems affect Shockwave Player and all earlier versions on Windows and Mac OS X – Adobe recommend updating to the new release by downloading it from To identify whether Shockwave Player is installed on a system, users should visit the test page on Adobe's site.

The majority of the problems are in the Shockwave 3D Asset where seven memory corruption vulnerabilities could lead to code execution; these were all reported by Hongnang Ren of FortiGuard Labs. An eighth memory corruption issue and a heap overflow vulnerability, both of which could also lead to code execution, were reported by "instruder" of and bring the flaw tally up to nine.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit