lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <54BE4F830CAD46C3B3FCC5CA94BEE58D@Webmail>
Date: Wed, 4 Nov 2009 06:28:54 +0100
From: "VUPEN Security Research" <advisories@...en.com>
To: <bugtraq@...urityfocus.com>
Subject: VUPEN Security - Adobe Shockwave Player Multiple Code Execution Vulnerabilities 

VUPEN Vulnerability Research - Adobe Shockwave Player Multiple Code 
Execution Vulnerabilities


I. BACKGROUND --------------------- 
"Over 450 million Internet-enabled desktops have installed Adobe Shockwave
Player. These people now have access to some of the best the Web has to 
offer
including dazzling 3D games and entertainment, interactive product
demonstrations, and online learning applications. Shockwave Player displays
Web content that has been created by Adobe Director." from Adobe.com


II. DESCRIPTION --------------------- 
VUPEN Vulnerability Research Team discovered four critical vulnerabilities 
affecting
Adobe Shockwave Player.

These vulnerabilities are caused by memory corruptions, invalid index, and
invalid pointer errors within the processing of malformed Shockwave content,
which could allow attackers to execute arbitrary code via specially crafted
web pages.

VUPEN-SR-2009-15 - Adobe Shockwave String Length Code Execution 
Vulnerability
VUPEN-SR-2009-14 - Adobe Shockwave Pointer Overwrite Code Execution 
Vulnerability
VUPEN-SR-2009-13 - Adobe Shockwave Invalid Pointer Code Execution 
Vulnerability
VUPEN-SR-2009-12 - Adobe Shockwave Invalid Index Code Execution 
Vulnerability


III. AFFECTED PRODUCTS
--------------------------------

Adobe Shockwave Player version 11.5.1.601 and prior


IV. Exploits - PoCs & Binary Analysis
--------------------------------------

Fully functional remote code execution exploits have been developed by
VUPEN Security and are available with the in-depth binary analysis
of the vulnerabilities through the VUPEN Exploits & PoCs Service.

http://www.vupen.com/exploits


V. SOLUTION ---------------- 
Upgrade to Adobe Shockwave Player version 11.5.2.602 :
http://get.adobe.com/shockwave/


VI. CREDIT -------------- 
The vulnerabilities were discovered by Nicolas JOLY of VUPEN Security


VII. REFERENCES
----------------------

http://www.vupen.com/english/advisories/2009/3134
http://www.adobe.com/support/security/bulletins/apsb09-16.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3466


VIII. DISCLOSURE TIMELINE ----------------------------------- 
2009-07-17 - Vendor notified
2009-07-17 - Vendor response
2009-10-27 - Status update received
2009-11-03 - Coordinated public Disclosure


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ