Signature Detail
Short Name |
HTTP:STC:DL:SHOCKWAVE-3D-RCE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe Shockwave Player 3D Parsing Routine Remote Code Execution |
Release Date |
2011/04/19 |
Update Number |
1904 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Adobe Shockwave Player 3D Parsing Routine Remote Code Execution
This signature detects attempts to exploit a known code execution vulnerability in Adobe Shockwave player.Its due to a memory-corruption in the 3D parsing routine when handling type '0xFFFFFF88' records.A successful attack can lead to arbitrary code execution.
Extended Description
Adobe Shockwave Player is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial-of-service condition. Versions prior to Shockwave Player 11.5.9.620 are vulnerable. NOTE: This issue was originally discussed in BID 46284 (Adobe Shockwave Player APSB11-01 Multiple Remote Vulnerabilities) but has been given its own record to better document it.
Affected Products
- Adobe Shockwave Player 11
- Adobe Shockwave Player 11.0.0.456
- Adobe Shockwave Player 11.0.3.471
- Adobe Shockwave Player 11.5.0.595
- Adobe Shockwave Player 11.5.0.596
- Adobe Shockwave Player 11.5.0.600
- Adobe Shockwave Player 11.5.0.601
- Adobe Shockwave Player 11.5.1.601
- Adobe Shockwave Player 11.5.2.602
- Adobe Shockwave Player 11.5.2.606
- Adobe Shockwave Player 11.5.6.606
- Adobe Shockwave Player 11.5.7.609
- Adobe Shockwave Player 11.5.8.612
- Adobe Shockwave Player 11.5.9.615
References
- BugTraq: 46326
- CVE: CVE-2010-4192