Fortinet Discovers Adobe Shockwave Player Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Shockwave Player.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Adobe.Shockwave.Player.Memory.Corruption (previous name is FG-VD-12-025-Adobe)
Released Nov 08, 2012
Users should apply the solution provided by Adobe.
The vulnerability can be triggered when opening a maliciously crafted dir file which contains a malformed field. It could allow an attacker to execute arbitrary code on the affected system.
Honggang Ren of Fortinet's FortiGuard Labs