Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Exploit Code Available for Shockwave Player Zero-Day Flaw

24 Oct 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Exploit Code Available for Shockwave Player Zero-Day Flaw

Quote:

Adobe has confirmed the existence of an unpatched critical remote code execution vulnerability in Shockwave Player, which was publicly disclosed yesterday.

The issue was identified by an outfit called Abyssec Security Research, which notes that it can be exploited by opening a specially crafted DIR or DCR file.

A critical vulnerability exists in Adobe Shockwave Player 11.5.8.612 and earlier versions on the Windows and Macintosh operating systems.

"This vulnerability (CVE-2010-3653) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe writes in a newly published advisory.

The flaw is exploitable over the Web and can theoretically be used to infect users with malware via drive-by download attacks.

However, given that Adobe Shockwave is not as widespread as Adobe Flash Player, Adobe Reader, Java or other commonly targeted applications, this exploit might not be considered suitable for inclusion in Web attack toolkits.

It might be used for more targeted approaches, but so far Adobe is not aware of any exploitation attempts in the wild.
More -
Exploit Code Available for Shockwave Player Zero-Day Flaw - Softpedia


My System SpecsSystem Spec
.

Reply

 Exploit Code Available for Shockwave Player Zero-Day Flaw




Thread Tools





Similar help and support threads
Thread Forum
Blackhole outfitted with exploit for recently patched Java flaw
Source A Guy
Security News
Shockwave Player 12.0.0.112
apsb13-06 Adobe - Adobe Shockwave Player A Guy
System Security
Malicious RTF Files Exploit Office Flaw to Install Trojan
Malicious RTF Files Exploit Office Flaw to Install Trojan - Softpedia
Security News
Shockwave flash player has become un-responsive
Hi folks, This is my first time in this forum... I am having problem with my flash players..... suddenly day before I was prompted to do an update of the adobe player 10.1 and shock wave 11.5 and there is goes been 2 days tried everything but couldnt get to work flash on Google chrome, Firefox...
Browsers & Mail
adobe shockwave player error
I have installed in my pc the most recent version of adobe shockwave player,but when i try to start a hiden object game i get this error....
Software
Security updates available for Shockwave Player
Security updates available for Shockwave Player Security updates available for Shockwave Player Release date: November 3, 2009 Vulnerability identifier: APSB09-16 CVE number: CVE-2009-3244, CVE-2009-3463, CVE-2009-3464, CVE-2009-3465, CVE-2009-3466 Platform: Windows and Macintosh
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:14.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App