Adobe issues alert on Shockwave Player 3D graphics flaws

By Robert Westervelt, News Editor 25 Jan 2010 | SearchSecurity.com

Security UK News Digg This!     StumbleUpon     Del.icio.us

Adobe Systems Inc. issued a critical update to its Shockwave Player repairing eight vulnerabilities that could enable attackers to infect machines with data stealing malware.

In an update issued Wednesday, Adobe said the update affects Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. The software maker urged users to uninstall Shockwave Player and reinstall the latest version: Shockwave version 11.5.6.606.

The updates resolve a buffer overflow vulnerability and multiple integer overflow vulnerabilities that could lead to code execution.

Shockwave Player is one of the most widely distributed pieces of software, with more than 450 million users. Danish vulnerability clearinghouse, Secunia Research gave the Shockwave Player flaws a highly critical rating. The errors can be exploited when malicious code forces the player to render 3D graphics models. The issues were discovered by Secunia researcher Alin Rad Pop.

Tags: Threat and Vulnerability Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Threat and Vulnerability Management Zeus botnet temporarily disrupted, but back in full force Considering two-factor authentication? Do cost, risk analysis Clientless SSL VPN vulnerability and Web browser protection Microsoft's Charney details new botnet protection, IdM technology at RSA Look into SIEM services to cut costs, comply with PCI DSS, HIPAA Cloud security issues, targeted attacks to be hot-button topics at RSA Zeus Trojan continues reign infecting 74,000 PCs in global botnet How to use Google Webmaster tools to help protect your site New Community Security Policy aims to reduce computer misuse The value of booting from a VHD in Windows 7

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Centre for the Protection of National Infrastructure  (SearchSecurityUK.com) Serious Organized Crime Agency  (SearchSecurityUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary