Posts Tagged 'shockwave'

Shockwave Player version 11.5.2.602

Published November 4, 2009 patch , security Leave a Comment
Tags: ,

Shockwave Player version 11.5.2.602
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.1.601 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system. Adobe has provided a solution for the reported vulnerabilities. It is recommended that users update their installations using the instructions provided below.
Security updates available for Shockwave Player (APSB09-16) (2009-Nov-03) [Adobe]

This update fixes a number of vulnerabilities with impacts that include denial of service and arbitrary code execution. Adobe categorizes this as a critical update and recommends that users apply the update for their product installations.

CRP09-62

Security update available for Shockwave Player (11.5.1.601)

Published July 29, 2009 patch , security Leave a Comment
Tags: ,

Summary [1]
Adobe Shockwave Player 11.5.0.600 and earlier versions on Windows leverages a vulnerable version of the Microsoft Active Template Library (ATL) described in Microsoft Security Advisory (973882). This vulnerability could allow an attacker who successfully exploits the vulnerability to take control of the affected system. Adobe has provided a solution for the reported vulnerability. It is recommended that users update their installations using the instructions provided below. …

Severity rating:
Critical (Remote Code Execution)

Solution:
Update to Shockwave v11.5.1.601 from http://get.adobe.com/shockwave/

CRP09-037

Security Update available for Shockwave Player

Published June 25, 2009 patch , security Comment
Tags: ,

Shockwave version 11.5.0.600 (Windows) has been released. Adobe has categorised this as a critical update as successful exploitation of the vulnerability allows the attacker to take control of the affected system. This issue is remotely exploitable.

Security Update available for Shockwave Player [1]
Release date: June 23, 2009
Vulnerability identifier: APSB09-08
CVE number: CVE-2009-1860
Platform: Windows

Summary
A critical vulnerability has been identified in Adobe Shockwave Player 11.5.0.596 and earlier versions. This vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected system. Adobe has provided a solution for the reported vulnerability. It is recommended that users update their installations using the instructions provided below. …

No exploit details made public yet. It should be pointed out that their upgrade instructions recommend uninstalling the old version, rebooting the machine, and then installing the new version. [2]

Analysis: Patch now

LINKS:
[1] Security Update available for Shockwave Player APSB09-08 (2009-Jun-23) [Adobe]
[2] Adobe Shockwave Player Update (2009-Jun-24) [SANS]

CRP09-027

May 2013
M T W T F S S
« Apr    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Categories

License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 Australia License.

del.icio.us

Flickr Photos

LaserForce

Birthday Dragon

Birthday Dragon

Birthday Dragon

Birthday Dragon

New Bow

Day 10 | stars | #FMSphotoadayMAY 2013

2013 Mother's Day Classic

More Photos

Twittering

Cluster Map

Locations of visitors to this page
hacker emblem
Follow

Get every new post delivered to your Inbox.

Join 27 other followers