Adobe Shockwave Player: Chunk Parsing Vulnerability

Users of Adobe Shockwave Player please be advised of a Chunk Parsing vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Shockwave-SA-10/28/2010: Adobe Shockwave Player – Chunk Parsing Vulnerability
Affected Software

* Adobe Shockwave Player 11.5.8.612

Description of Vulnerability

Secunia Research has discovered a vulnerability in Adobe Shockwave
Player, which may be exploited by malicious people to compromise a
user’s system.

The vulnerability is caused by a function in dirapi.dll not validating
the size and number of sub-chunks inside a “pamm” chunk during initial
parsing of the sub-chunks. This can be exploited to corrupt memory
outside the bounds of a buffer allocated for the “pamm” data via a
specially crafted Director file.

Successful exploitation may allow execution of arbitrary code.Read more at http://www.criticalwatch.com

 

Advertisements