/>
X
Business

Critical flaws haunt Adobe Shockwave Player

The vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Mac operating systems.
Written by Ryan Naraine, Contributor on

Adobe's run on the patching treadmill continued this week with a "critical" update to fix a pair of code execution holes in its Shockwave Player.

The vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions, on the Windows and Mac operating systems. 

According to an Adobe advisory,  an attacker who successfully exploits the vulnerabilities could run malicious code on the affected system.

  • This update resolves a buffer overflow vulnerability that could potentially lead to code execution (CVE-2009-4002).
  • This update resolves multiple integer overflow vulnerabilities that could potentially lead to code execution (CVE-2009-4003).

Adobe recommends Shockwave Player users uninstall Shockwave version 11.5.2.602 and earlier on their systems, restart their systems, and install Shockwave version 11.5.6.606.

Adobe says more than  450 million Internet-enabled desktops have installed Adobe Shockwave Player.

Editorial standards

Related

The 16 best Cyber Monday deals under $30 still available
Amazon Fire TV Stick 4K

The 16 best Cyber Monday deals under $30 still available

Epson is going to stop selling laser printers. Here's why
piles-of-paper.jpg

Epson is going to stop selling laser printers. Here's why

Apple names the 16 best apps and games of 2022, with BeReal taking top honors
App Store icon

Apple names the 16 best apps and games of 2022, with BeReal taking top honors