Signature Detail
Short Name |
HTTP:STC:ADOBE:CVE-2010-2873-CE |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Director CVE-2010-2873 Remote Code Execution |
Release Date |
2015/06/08 |
Update Number |
2503 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Director CVE-2010-2873 Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Adobe Director. A successful attack can lead to memory corruption and arbitrary code execution.
Extended Description
Adobe Shockwave Player is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed attacks may cause a denial-of-service condition. Adobe Shockwave Player 11.5.7.609 and prior are vulnerable. NOTE: This issue was previously covered in BID 42657 (Adobe Shockwave Player APSB10-20 Multiple Remote Vulnerabilities) but has been given its own record to better document it.
Affected Products
- Adobe Shockwave Player 11.5.0.596
- Adobe Shockwave Player 11.5.0.600
- Adobe Shockwave Player 11.5.0.601
- Adobe Shockwave Player 11.5.1.601
- Adobe Shockwave Player 11.5.2.602
- Adobe Shockwave Player 11.5.2.606
- Adobe Shockwave Player 11.5.6.606
- Adobe Shockwave Player 11.5.7.609
References
- BugTraq: 42682
- CVE: CVE-2010-2873