Signature Detail

HTTP: Adobe Shockwave Director File KEY Chunk Parsing Buffer Overflow

A buffer overflow vulnerability exists in Adobe Shockwave Player. The vulnerability is due to an error allocating a buffer for the KEY* element in a Director file, which leads to copying data from the file past the end of this buffer. A remote attacker can exploit this vulnerability by enticing a target user to visit a maliciously crafted web site. Successful exploitation could result in execution of arbitrary code within the security context of the currently logged on user. An unsuccessful exploit attempt may terminate the affected application abnormally.

Extended Description

Adobe Shockwave Player is prone to multiple remote memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to Adobe Shockwave Player 11.6.0.626 are vulnerable. NOTE: These issues were previously documented in BID 48270 (Adobe Shockwave Player APSB11-17 Multiple Remote Vulnerabilities) but have been given their own record to better document them.

Affected Products

• Adobe Shockwave Player 11
• Adobe Shockwave Player 11.0.0.456
• Adobe Shockwave Player 11.0.3.471
• Adobe Shockwave Player 11.5.0.595
• Adobe Shockwave Player 11.5.0.596
• Adobe Shockwave Player 11.5.0.600
• Adobe Shockwave Player 11.5.0.601
• Adobe Shockwave Player 11.5.1.601
• Adobe Shockwave Player 11.5.2.602
• Adobe Shockwave Player 11.5.2.606
• Adobe Shockwave Player 11.5.6.606
• Adobe Shockwave Player 11.5.7.609
• Adobe Shockwave Player 11.5.8.612
• Adobe Shockwave Player 11.5.9.615
• Adobe Shockwave Player 11.5.9.620

References

• BugTraq: 48300
• CVE: CVE-2011-2111