OSVDB ID: 73028

Title: Adobe Shockwave Player IML32.dll Component Unspecified Memory Corruption

Info

Disclosure

Jun 15, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jun 14, 2011

Description

A memory corruption flaw exists in Adobe Shockwave Player. The IML32.dll component fails to sanitize user-supplied input when an unspecified error occurs resulting in memory corruption. This may allow an attacker to execute arbitrary code.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: RBS Confirmed, Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 11.6.0.626 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Adobe Systems Incorporated

Shockwave Player

11.5.9.620

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/73028