Macromedia Shockwave Player ActiveX Control Buffer Overflow Vulnerability

From BugTrag (SecurityFocus):
http://www.securityfocus.com/bid/16791


Macromedia Shockwave Player is prone to a buffer overflow when a particular ActiveX control is passed malicious parameters. Attackers can exploit this vulnerability to cause the application to fail or potentially execute arbitrary code.


Macromedia Shockwave Player versions 10.1.0.11 and earlier are vulnerable.


Vulnerable: 
Macromedia Shockwave 8.5.1 r106
Macromedia Shockwave 8.5.1 r105
Macromedia Shockwave 8.0
Macromedia Shockwave 6.0
Macromedia Shockwave 5.0
Macromedia Shockwave 4.0
Macromedia Shockwave 3.0
Macromedia Shockwave 2.0
Macromedia Shockwave 1.0
Macromedia Shockwave 10.1.0.11


Solution:   This issue has been addressed by Adobe. Reportedly, no action needs to be taken by users to correct this vulnerability.

Leave a Reply