Adobe Systems Inc. is warning customers about a critical flaw in Shockwave Player that could be used by an attacker...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
to take complete control of a victim's machine.
The flaw is in Adobe Shockwave Player 220.127.116.116 and earlier versions. An error occurs when the player processes Shockwave Player 10 content and can be exploited to corrupt memory via a specially crafted Adobe Director file.
Adobe is urging users to uninstall versions prior to 18.104.22.1680, restart their system and install version 22.214.171.1240.
Danish vulnerability clearinghouse Secunia gave the flaw a highly critical rating. So far there have been no reports of exploits in the wild.
The vulnerability was discovered by security researcher Paul Kurczaba and reported to TippingPoint's Zero Day Initiative.