Adobe.Shockwave.Director.tSAC.Chunk.Code.Execution

Release Date Aug 19, 2010
Severity critical
Impact System compromise Denial of service
Description This indicates a possible attack against a digital-signature-checking vulnerability in Adobe Shockwave Player. The vulnerability is caused by the improper parsing of tSAC chunk data by the vulnerable software. A remote attacker may exploit this to execute arbitrary code or cause denial of service.
Affected Products Shockwave Player 11.5.7.609 and earlier versions for Windows and Macintosh
Recommended Actions Refer to the vendor's advisory: http://www.adobe.com/support/security/bulletins/apsb10-20.html
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2010-2866
Reference/s http://www.adobe.com/support/security/bulletins/apsb10-20.html http://www.exploit-db.com/exploits/15076/

Fortinet