Update Protection against Adobe Shockwave Player DIR Files PAMI Chunk Code Execution Vulnerability (APSB10-12)
| Check Point Reference: | CPAI-2010-084 | |
| Date Published: | ||
| Severity: | ||
| Source: | Adobe Security Bulletin APSB10-12 | |
| Industry Reference(s): | CVE-2010-1292 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Adobe Systems Shockwave Player 11.5.6.606 and Prior | ||
| Vulnerability Description A remote code execution vulnerability has been identified in Adobe Shockwave Player. Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. An attacker can exploit this issue via a specially crafted DIR file. A remote attacker may exploit this vulnerability to take complete control of an affected system. |
||
|
Update/Patch Available Apply Hotfix: Adobe Security Bulletin APSB10-12 |
|
|
Vulnerability Details The vulnerability is due to an input validation error in Adobe Shockwave Player while parsing specially crafted PAMI RIFF chunk data in a DIR file. A remote attacker can exploit this issue by enticing a user to open a malicious DIR file. Successful exploitation of this vulnerability would allow arbitrary code execution. |
Protection Overview
This protection detects and blocks the transferring of Adobe DIR files over HTTP.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.