Shockwave Vulnerability
 |
 |
 |
 |
 |
A memory overwrite vulnerability has been identified in Adobe Shockwave Player. A remote attacker may exploit this issue to take complete control of an affected system.
Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser. Adobe Shockwave Player 11.5.0.596 and earlier versions are vulnerable.
The vulnerability is due to an error in the Shockwave Player when processing certain Director Movie files. A remote attacker could exploit this via a specially crafted Director Movie file. Successful exploitation may allow the attacker to take control of the vulnerable system.
Through the IPS Software Blade, Check Point provides a protection against attacks that use this vulnerability. This protection will detect and block attempts to transfer malformed Director Movie files over HTTP.