Adobe Shockwave Player Multiple Vulnerabilities - Feb 2012 (MAC OS X) Network Vulnerability

Summary

This host is installed with Adobe Shockwave Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to cause denial of service or execute arbitrary code by tricking a user into visiting a specially crafted web page. Impact Level: System/Application

Solution

Upgrade to Adobe Shockwave Player version 11.6.4.634 or later, For updates refer to http://get.adobe.com/shockwave/otherversions/

Insight

The flaws are due to memory corruptions errors in Shockwave 3D Asset component when processing malformed file.

Affected

Adobe Shockwave Player Versions 11.6.3.633 and prior on Mac OS X

References

http://secunia.com/advisories/47932/
http://www.adobe.com/support/security/bulletins/apsb12-02.html
http://www.securitytracker.com/id/1026675

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0757, CVE-2012-0758, CVE-2012-0759, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, CVE-2012-0766

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
Adobe Acrobat Unspecified vulnerability
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
Adobe Flash Media Server Multiple Remote Security Vulnerabilities

Take action and discover your vulnerabilities