Overview
» IDS/IPS Signatures
Security Sites
iPolicy Networks Security Advisory
 

Adobe Shockwave Player Remote Buffer Overflow Vulnerability
Date Discovered: 01/21/2010
Severity: High
Application Affected: Adobe Shockwave Player 11.5.2.602 and earlier
Type: Remote
Identifiers: CVE-2009-4002
Synopsis

Adobe Shockwave Player is prone to a buffer overflow vulnerability, which could be exploited to execute arbitrary code on the affected system.
Recommended Actions
Update the patches as guided by vendor at :
http://www.adobe.com/support/security/bulletins/apsb10-03.html
Threat Analysis

Adobe Shockwave is a well known multimedia player developed by Macromedia. There exists a heap-based buffer overflow vulnerability in Adobe Shockwave Player 11.5.2.602 and earlier versions.

The flaw exists due to integer overflow errors when processing shockwave files or 3D models. An attacker may exploit this vulnerability by persuading a victim to open specially crafted shockwave file, and possibly execute malicious code or launch further attacks on the target system.
References

http://www.securityfocus.com/bid/37870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-4002
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4002

Write-up by: Dheeraj Johri

3