| VID |
50003 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.6.0.626. Such versions are potentially affected by the following issues :
- Multiple memory-corruption vulnerabilities affect the 'Dirapi.dll' component that can result in arbitrary code execution. (CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, CVE-2011-0335, CVE-2011-2122)
- An arbitrary code-execution vulnerability occurs due to an unspecified design flaw. (CVE-2011-2108)
- Multiple integer-overflow vulnerabilities affect the 'Dirapi.dll' component that can result in arbitrary code execution. (CVE-2011-2109)
- Multiple memory-corruption vulnerabilities affect the 'IML32.dll' component that can result in arbitrary code execution. (CVE-2011-2111, CVE-2011-2115, CVE-2011-2116)
- Multiple buffer-overflow vulnerabilities affect the 'IML32.dll' component that can result in arbitrary code execution. (CVE-2011-2112)
- Multiple buffer-overflow vulnerabilities affect the 'Shockwave3DAsset' component that can result in arbitrary code execution. (CVE-2011-2113)
- Multiple unspecified memory-corruption vulnerabilities can result in arbitrary code execution. (CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, CVE-2011-2128)
- An input-validation vulnerability affects the 'FLV ASSET Xtra' component that can result in arbitrary code execution. (CVE-2011-2118)
- An integer-overflow vulnerability affects the 'CursorAsset x32' component that can result in arbitrary code execution. (CVE-2011-2120)
- An unspecified integer-overflow vulnerability can result in arbitrary code execution. (CVE-2011-2121)
- An integer-overflow vulnerability affects the 'Shockwave 3D Asset x32' component that can result in arbitrary code execution. (CVE-2011-2123)
- A buffer-overflow vulnerability affects the 'Dirapix.dll' component that can result in arbitrary code execution. (CVE-2011-2125)
- An unspecified buffer-overflow vulnerability can result in arbitrary code execution. (CVE-2011-2126)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.zerodayinitiative.com/advisories/ZDI-11-200/
http://www.zerodayinitiative.com/advisories/ZDI-11-201/
http://www.zerodayinitiative.com/advisories/ZDI-11-202/
http://www.zerodayinitiative.com/advisories/ZDI-11-203/
http://www.zerodayinitiative.com/advisories/ZDI-11-204/
http://www.zerodayinitiative.com/advisories/ZDI-11-205/
http://www.zerodayinitiative.com/advisories/ZDI-11-206/
http://www.zerodayinitiative.com/advisories/ZDI-11-207/
http://www.zerodayinitiative.com/advisories/ZDI-11-208/
http://www.zerodayinitiative.com/advisories/ZDI-11-209/
http://www.zerodayinitiative.com/advisories/ZDI-11-210/
http://www.zerodayinitiative.com/advisories/ZDI-11-211/
http://www.zerodayinitiative.com/advisories/ZDI-11-212/
http://www.zerodayinitiative.com/advisories/ZDI-11-213/
http://www.zerodayinitiative.com/advisories/ZDI-11-214/
http://www.zerodayinitiative.com/advisories/ZDI-11-215/
http://www.zerodayinitiative.com/advisories/ZDI-11-216/
http://www.zerodayinitiative.com/advisories/ZDI-11-217/
http://www.adobe.com/support/security/bulletins/apsb11-17.html
* Platforms Affected:
Shockwave Player versions prior to 11.6.0.626
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version Shockwave Player (11.6.0.626 or later), available from the Adobe Web site at http://get.adobe.com/shockwave/ |
| Related URL |
CVE-2011-0317,CVE-2011-0318,CVE-2011-0319,CVE-2011-0320,CVE-2011-0335,CVE-2011-2108,CVE-2011-2109,CVE-2011-2111,CVE-2011-2112,CVE-2011-2113 (CVE) |
| Related URL |
48273,48275,48278,48284,48286,48287,48288,48289,48290,48291,48292,48294,48296,48297,48298,48299,48300,48302,48304,48306,48307,48308,48309 (SecurityFocus) |
| Related URL |
(ISS) |
|
