• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Adobe Corrects 18 Shockwave Security Flaws

May 12, 2010 By The Editor

Summary:

  • This vulnerability affects: Adobe Shockwave Player 11.5.6.606 and earlier, running on Windows and Macintosh computers
  • How an attacker exploits it: By enticing your users into visiting a website containing a malicious Shockwave or Director file
  • Impact: An attacker can execute code on your computer, potentially gaining control of it
  • What to do: If you allow the use of Shockwave in your network, you should download and deploy the latest version (11.5.7.609) of Adobe Shockwave Player as soon as possible.

Exposure:

Adobe Shockwave Player displays interactive, animated web content and movies called Shockwave. According to Adobe, the Shockwave Player is installed on some 450 million PCs.

In a security bulletin released late Tuesday, Adobe warned of eighteen critical vulnerabilities that affect Adobe Shockwave Player 11.5.6.606 for Windows and Macintosh (as well as all earlier versions). Adobe’s bulletin doesn’t describe the flaws in much technical detail. It only describes the nature of each flaw, and its basic impact. For the most part, the flaws consist of memory related vulnerabilities, including buffer overflows, integer overflows, and various other memory corruption flaws. Though these flaws differ technically, they all share the same general scope and impact. If an attacker can entice one of your users into visiting a website containing some sort of malicious Shockwave content, he could exploit any of these vulnerabilities to execute code on that user’s computer, with that user’s privileges. If your Windows users have local administrator privileges, an attacker could exploit this flaw to gain full control of their PC. Adobe’s alert doesn’t describe what type of Shockwave content triggers these various flaws. However, other researchers alerts have disclosed malicious Shockwave (.SWF) and Director (.DCR) files can trigger these vulnerabilities.

If you use Adobe Shockwave in your network, we recommend you download and deploy the latest version as soon as you can.

As an aside, Adobe also released a security bulletin to fix three less severe vulnerabilities in their web application server, ColdFusion. We suspect few of our customers use this less popular application server. However, if you do, we recommend you follow the instructions in this Adobe TechNote to fix these vulnerabilities.

Solution Path

Adobe has released a new version of Shockwave Player, version 11.5.7.609. If you use Adobe Flash in your network, we recommend you download and deploy this updated player as soon as possible.

For All WatchGuard Users:

Some of WatchGuard’s Firebox models allow you to prevent your users from accessing Shockwave content (.SWF and .DCR) via the web (HTTP) or email (SMTP, POP3). If you like, you can temporarily mitigate the risk of this vulnerability by blocking .SWF and .DCR files using your Firebox’s proxy services. That said, many websites rely on Shockwave for interactive content, and blocking it could prevent these sites from working properly.

If you choose to block Shockwave content, follow the links below for video instructions on using your Firebox proxy’s content blocking features to block .SWF and .DCR files by their file extensions:

  • Firebox X Edge running 10.x
    • How do I block files with the FTP proxy?
    • How do I block files with the HTTP proxy?
    • How do I block files with the POP3 proxy?
    • How do I block files with the SMTP proxy
  • Firebox X Core and X Peak running Fireware 10.x
    • How do I block files with the FTP proxy?
    • How do I block files with the HTTP proxy?
    • How do I block files with the POP3 proxy?
    • How do I block files with the SMTP proxy?

Status:

Adobe has released a Shockwave Player update to fix these vulnerabilities.

References:

  • Adobe Shockwave Player Security Bulletin
  • Adobe ColdFusion Security Bulletin

Share This:

Related

Filed Under: Security Bytes Tagged With: Adobe, shockwave

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use