Security Best Practice: Suspicious Adobe Director Files
| Check Point Reference: | SBP-2010-21 | |
| Date Published: | ||
| Severity: | ||
| Source: | IPS Research Center | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Shockwave Player | ||
| Vulnerability Description Multiple vulnerabilities have been identified in Adobe Shockwave Player. Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. An attacker can exploit these issues via a specially crafted Director file. A remote attacker may exploit these vulnerabilities to create a denial of service condition or to take complete control of an affected system. |
||
|
Vulnerability Details The vulnerabilities are due to memory corruption, integer overflow, buffer overflow, and boundary errors in Adobe Shockwave Player that fails to properly handle Director files. A remote attacker could trigger these flaws by convincing a victim to open a specially crafted Director file. Successful exploitation of this issue may corrupt system memory, allowing execution of malicious code on the affected system. |
Protection Overview
This protection detects and blocks the transferring of suspicious Adobe Director files over HTTP.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.