Adobe fixes 21 security flaws, issues updated Shockwave Player

Critical vulnerabilities in Shockwave enable an attacker to run malicious code on a victim's computer.

Adobe Systems Inc. issued an update to its Shockwave Player this week, repairing nearly two dozen vulnerabilities that could be used by attackers to infect victim's computers with malware.

The update, which also includes several fixes for its ColdFusion application development platform, repairs memory corruption vulnerabilities and buffer overflow errors.

Users of Shockwave Player 11.5.6.606 and earlier versions should upgrade to 11.5.7.609, Adobe said in its security bulletin.

Vulnerabilities in ColdFusion are rated Important and were identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. Adobe issued a Hotfix to repair the errors, a cross-site scripting (XSS) vulnerability and information disclosure bug. The Hotfix can be manually applied to the ColdFusion platform.

Dig deeper on Securing Productivity Applications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close