• Security Gateways
• Security Management
• Endpoint Security
• Appliances
• Software Blade Architecture

• Support Programs
• Professional Services
• Training & Certifications

• Visit our Threat Center

( Adobe Security Bulletin APSB10-25, CVE-2010-4086, CVE-2010-4087, CVE-2010-4088, CVE-2010-4089 )

Summary

Adobe has released a security advisory that details several critical vulnerablities in Shockwave Player, four of which were discovered by the Check Point IPS Research Team.  A remote attacker can exploit these issues via specially crafted DIR files and potentially take complete control of an affected system.

Details

Adobe Shockwave Player is a multimedia application that allows animated content created in Adobe Director to be viewed in a web browser that has the Shockwave plug-in installed.

The vulnerabilities are due to errors in how Adobe Shockwave Player parses certain kinds of data in a Director media file. A remote attacker can exploit these issues by enticing a user to open a malicious DIR file. Successful exploitation of these vulnerabilities leads to memory corruption, which could cause the Player program to crash. An attacker could then execute malicious code on the affected system and take complete control of it.

Affected Products

These issues exist in Adobe Shockwave Player 11.5.8.612 and earlier versions for Windows and Macintosh.

Solution

Check Point recommends that affected systems be patched to Shockwave Player version 11.5.9.615 or later. In the meantime, the Check Point R70/71 IPS Software Blade provides immediate protection of unpatched systems by detecting malformed Adobe DIR files and blocking their transfer over HTTP. For more information, see CPAI-2010-300, CPAI-2010-301, CPAI-2010-302, and CPAI-2010-303.

Acknowlegements

Acknowledgements go to Rodrigo Rubira Branco and Michael Golub, members of the Check Point IPS Research Team, for discovering and reporting these Shockwave Player vulnerabilities.

The Check Point IPS Research Team conducts original research on network, protocol and application vulnerabilities. The team also actively monitors and where appropriate communicates with white, black and grayhat communities to identify vulnerabilities and potential exploits before they are introduced into the wild. This research is used to develop and disseminate defenses through relevant Update Services components.

 

Originally Published:

Last Updated: 04-Nov-2010

Legal Notice for Threat Center Advisories