Fortinet Discovers Multiple Adobe Shockwave Player Vulnerabilities (APSB10-12)

Summary:

Fortinet's FortiGuard Labs has discovered seven vulnerabilities in Adobe Shockwave Player that could compromise the affected system.

Impact:

System Compromise

Risk:

Critical

Affected Software:

For a list of Adobe versions affected, please see the references below.

Additional Information:
  • Memory corruption occurs when Shockwave Player parses a ".dir" media file, which can lead to exploitation. (CVE-2010-1280, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, CVE-2010-1291)
  • A heap overflow that can lead to exploitation. (CVE-2010-1288)

Vulnerabilities are being exploited to run malicious code on the affected system.

Solutions:
  • Users should apply the solution provided by Adobe.
  • FortiGuard Labs released the following signatures to protect against these vulnerabilities:
    • "Adobe.Shockwave.Player.Dir.Invalid.Length.Code.Execution", previously released as "FG-VD-10-013-Adobe" (CVE-2010-1280)
    • "Adobe.Shockwave.Player.Dir.File.DEMX.Tag.Memory.Corruption", previously released as "FG-VD-10-004-Adobe" (CVE-2010-1286)
    • "Adobe.Shockwave.Player.Dir.File.Length.Field.Memory.Corruption", previously released as "FG-VD-10-006-Adobe" (CVE-2010-1287)
    • "Adobe.Shockwave.Player.Dir.File.Parsing.Heap.Exhaustion", previously released as "FG-VD-10-007-Adobe" (CVE-2010-1288)
    • "Adobe.Shockwave.Player.Dir.File.Handling.Memory.Corruption", previously released as "FG-VD-10-008-Adobe" (CVE-2010-1289)
    • "Adobe.Shockwave.Player.IML32.Dll.Memory.Corruption", previously released as "FG-VD-10-011-Adobe" (CVE-2010-1290)
    • "Adobe.Shockwave.Player.Dir.File.Parsing.Access.Violation", previously released as "FG-VD-10-009-Adobe" (CVE-2010-1291)


References:

Acknowledgment:
  • Honggang Ren of Fortinet's FortiGuard Labs (CVE-2010-1280, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, CVE-2010-1291, CVE-2010-1288).