Adobe Shockwave Player Use-After-Free Vulnerability Network Vulnerability

Summary

This host is installed with Adobe Shockwave Player and is prone to use-after-free vulnerability.

Impact

Successful exploitation will let the user-assisted remote attackers to execute arbitrary code via a crafted web site related to the Shockwave Settings window and an unloaded library. Impact Level: System/Application.

Solution

Upgrade to Adobe Shockwave Player Version 11.5.9.620, For updates refer to http://get.adobe.com/shockwave/otherversions/

Insight

The flaw is due to a use-after-free error in an automatically installed compatibility component.

Affected

Adobe Shockwave Player Version 11.5.9.615 on Windows.

References

http://secunia.com/advisories/42112

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4092

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - November12 (Windows)
Adobe Acrobat Unspecified vulnerability
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)
Adobe Air Multiple Vulnerabilities -01 August 12 (Windows)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)

Take action and discover your vulnerabilities