Home : Security : News

Adobe fixes five critical Shockwave flaws

Adobe's multimedia web player is patched up for vulnerabilities a hacker could have exploited.

By Asavin Wattanajantra, 4 Nov 2009 at 15:51

Adobe has released an update fixing five ‘critical’ vulnerabilities in its Shockwave player, said to be on 450 million internet-enabled desktops.

The vulnerabilities could have allowed an attacker who successfully exploited them to run malicious code.

There was an invalid index and an invalid strength length vulnerability, as well as two invalid pointer flaws.

Nicolas Joly of VUPEN security was credited for reporting the four issues and working with Adobe to protect customers.

The update also solves a boundary condition issue that could have lead to Denial of Service (DoS).

Shockwave Player is described as the 'web standard for powerful multimedia playback' by Adobe, and allows users who download it to see interactive web content such as business presentations, advertisements, entertainment and games.

The flaws can be patched by downloading the latest Shockwave update.

Email to a friend

Print this page

< Previous Security : News Next >

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

Who to trust after the VeriSign hack?

Davey Winder questions what data was stolen from VeriSign and wonders why the company hasn't been more forthcoming.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.