VID |
28293 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
A version of Shockwave Player older than 11.5.9.620 is installed on the host. The remote Windows host contains a web browser plugin that is affected by multiple vulnerabilities.
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.9.620. Such versions are potentially affected by the following issues:
- Several unspecified errors exist in the 'dirapi.dll' module that may allow arbitrary code execution. (CVE-2010-2587, CVE-2010-2588, CVE-2010-4188)
- An error related to an integer overflow exists in the 'dirapi.dll' module and may allow arbitrary code execution. (CVE-2010-2589)
- It is reported that a use-after-free error exists in an unspecified compatibility component related to the 'Settings' window and an unloaded, unspecified library. This error is reported to allow arbitrary code execution when a crafted, malicious website is visited. (CVE-2010-4092)
- Unspecified errors exist that may allow arbitrary code execution or memory corruption. The attack vectors are unspecified. (CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, CVE-2010-4306, CVE-2011-0555)
- An input-validation error exists in the 'IML32' module that may allow arbitrary code execution when processing the global color table size of a GIF image contained in a Director movie. (CVE-2010-4189)
- An unspecified input-validation error exists that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4193)
- An unspecified input-validation error exists in the 'dirapi.dll' module that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4194)
- An integer overflow error exists in the '3D Assets' module when parsing 3D assets containing the record type '0xFFFFFF45'. This error may allow arbitrary code execution. (CVE-2010-4196)
- An input-validation error exists in the 'DEMUX' chunks parsing portion of the 'TextXtra.x32' module. This error may allow arbitrary code execution. (CVE-2010-4195)
- An unspecified buffer overflow error exists that may allow arbitrary code execution through unspecified vectors. (CVE-2010-4307)
- An error exists in the 'PFR1' chunks parsing portion of the 'Font Xtra.x32' module. This error may allow arbitrary code execution. (CVE-2011-0556)
- An unspecified integer overflow error exists that may allow arbitrary code execution through unspecified vectors. (CVE-2011-0557)
- An error exists in the 'Font Xtra.x32' module related to signedness that may allow arbitrary code execution. (CVE-2011-0569)
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If this condition is not met, the check is not performed, resulting in a False Negative for all vulnerable hosts.
* References: http://www.zerodayinitiative.com/advisories/ZDI-11-078/ http://www.zerodayinitiative.com/advisories/ZDI-11-079/ http://www.zerodayinitiative.com/advisories/ZDI-11-080/ http://www.adobe.com/support/security/bulletins/apsb11-01.html
* Platforms Affected: Shockwave Player: versions prior to 11.5.9.620; Microsoft Windows: Any version |
Recommendation |
Upgrade to the latest version of Shockwave Player (11.5.9.620 or later), available from the Adobe Web site at http://get.adobe.com/shockwave/ |
Related URL |
CVE-2010-2587,CVE-2010-2588,CVE-2010-2589,CVE-2010-4092,CVE-2010-4093,CVE-2010-4187,CVE-2010-4188,CVE-2010-4189,CVE-2010-4190 (CVE) |
Related URL |
44617,46284,46316,46317,46318,46319,46320,46321,46324,46325,46326,46327,46328,46329,46330,46332,46333,46334,46335,46336 (SecurityFocus) |
Related URL |
(ISS) |
|