[SingCERT] Adobe Shockwave Player Multiple Bugs Let Remote Users Execute Arbitrary Code
- Published on Wednesday, 09 November 2011 14:52
[ Summary ]
Several vulnerabilities were reported in Adobe Shockwave. A remote, unauthenticated attacker can execute arbitrary code on a vulnerable system with the privileges of the target user.
By convincing a user to view a specially crafted document that supports embedded Shockwave (e.g., Microsoft Office document or HTML email message or attachment or HTML web page), an attacker can execute arbitrary code.
[ Affected Systems ]
Adobe Shockwave Player 184.108.40.2069 and ealier versions
[ Solution/Workaround ]
Apply fix from vendor
[ Reference ]