/>
X

Adobe zaps critical Shockwave vulnerabilities

Adobe joined the Patch Tuesday train today with the release of patches for at least 21 documented security vulnerabilities in the Shockwave and ColdFusion product lines.
ryan-naraine.jpg
Written by Ryan Naraine on

Adobe joined the Patch Tuesday train today with the release of patches for at least 21 documented security vulnerabilities in the Shockwave and ColdFusion product lines.

According to the APSB10-12 security bulletin, 18 of the 21 flaws affected the Shockwave Player, a free software product that lets users view rich-media content on the web.

Here's the skinny:

Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.

This bulletin is rated "critical" and Adobe recommends users of Adobe Shockwave Player 11.5.6.606 and earlier versions update to Adobe Shockwave Player 11.5.7.609.

The second bulletin (APSB10-11) is rated "important" and fixes three flaws that could lead to cross-site scripting and information disclosure issues.

These vulnerabilities affect ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX.

Adobe said none of the fixes in this update involve zero-day issues or exploits in the wild.

Related

Apple politely explains why iPhone cases are a waste of money
Apple iPhone 13 Pro Max

Apple politely explains why iPhone cases are a waste of money

Apple
The 8 best iPhone models of 2022
iphone-12-models.png

The 8 best iPhone models of 2022

iPhone
Delta Air Lines just made a callous admission that customers may find galling
screen-shot-2022-07-18-at-5-18-46-pm.png

Delta Air Lines just made a callous admission that customers may find galling

Business