Adobe issues alert on Shockwave Player 3D graphics flaws

Vulnerabilities could allow an attacker to infect victims with malware and take control of an infected machine.

Adobe Systems Inc. issued a critical update to its Shockwave Player repairing eight vulnerabilities that could enable attackers to infect machines with data stealing malware.

In an update issued Wednesday, Adobe said the update affects Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. The software maker urged users to uninstall Shockwave Player and reinstall the latest version: Shockwave version 11.5.6.606.

The updates resolve a buffer overflow vulnerability and multiple integer overflow vulnerabilities that could lead to code execution.

Shockwave Player is one of the most widely distributed pieces of software, with more than 450 million users. Danish vulnerability clearinghouse, Secunia Research gave the Shockwave Player flaws a highly critical rating. The errors can be exploited when malicious code forces the player to render 3D graphics models. The issues were discovered by Secunia researcher Alin Rad Pop.

Dig deeper on Security patch management and Windows Patch Tuesday news

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close