Adobe Shockwave Player Multiple Vulnerabilities (Windows) - Nov 2011 Network Vulnerability

Summary

This host is installed with Adobe Shockwave Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to execute arbitrary code or to cause a denial of service. Impact Level: Application/System

Solution

Upgrade to Adobe Shockwave Player version 11.6.3.633 or later, For updates refer to http://get.adobe.com/shockwave/otherversions/

Insight

Multiple flaws are due to an error in, - DIRAPI.dll and TextXtra.x32 when parsing Director file headers. - DIRAPI.dll when parsing rcsl chunks within Director files.

Affected

Adobe Shockwave Player Versions prior to 11.6.3.633 on Windows.

References

http://secunia.com/advisories/46667/
http://www.adobe.com/support/security/bulletins/apsb11-27.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2446, CVE-2011-2447, CVE-2011-2448, CVE-2011-2449

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)

Take action and discover your vulnerabilities