Adobe Shockwave Player Multiple Vulnerabilities Nov-2012 (MAC OS X) Network Vulnerability

Summary

This host is installed with Adobe Shockwave Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow an attacker to cause denial of service or execute arbitrary code by tricking a user into visiting a specially crafted web page. Impact Level: System/Application

Solution

Upgrade to Adobe Shockwave Player 11.6.8.638 or later, For updates refer to http://get.adobe.com/shockwave/otherversions/

Insight

The flaws are due to memory corruption errors and array indexing error when processing malformed file.

Affected

Adobe Shockwave Player Versions prior to 11.6.8.638 on MAC OS X

References

http://seclists.org/cert/2012/108
http://www.adobe.com/support/security/bulletins/apsb12-23.html
http://www.securitytracker.com/id/1027692

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-4176, CVE-2012-5273

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)

Take action and discover your vulnerabilities