Shockwave Player < 11.5.7.609 Multiple Vulnerabilities (APSB10-12)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a web browser plugin that is
affected by multiple vulnerabilities.

Description :

The remote Windows host contains a version of Adobe's Shockwave Player
that is earlier than 11.5.7.609. Such versions are affected by the
following issues :

- Processing specially crafted FFFFFF45h Shockwave
3D blocks can result in memory corruption.
(CVE-2010-0127, CVE-2010-1283)

- A signedness error that can lead to memory corruption
when processing specially crafted Director files.
(CVE-2010-0128)

- An array indexing error that can lead to memory
corruption when processing specially crafted
Director files. (CVE-2010-0129)

- An integer overflow vulnerability that can lead to
memory corruption when processing specially
crafted Director files. (CVE-2010-0130)

- An unspecified error when processing asset entries
in Director files can lead to memory corruption.
(CVE-2010-0986)

- A boundary error when processing embedded fonts
from a Director file can lead to memory corruption.
(CVE-2010-0987)

- An unspecified error when processing Director files
can result in memory corruption. (CVE-2010-1280)

- Several unspecified memory corruption vulnerabilities.
(CVE-2010-1281, CVE-2010-1282, CVE-2010-1284,
CVE-2010-1286, CVE-2010-1287, CVE-2010-1288,
CVE-2010-1289, CVE-2010-1290, CVE-2010-1291,
CVE-2010-1292)

See also :

http://secunia.com/secunia_research/2010-17/
http://secunia.com/secunia_research/2010-19/
http://secunia.com/secunia_research/2010-20/
http://secunia.com/secunia_research/2010-22/
http://secunia.com/secunia_research/2010-34/
http://secunia.com/secunia_research/2010-50/
http://www.zerodayinitiative.com/advisories/ZDI-10-087/
http://www.zerodayinitiative.com/advisories/ZDI-10-088/
http://www.zerodayinitiative.com/advisories/ZDI-10-089/
http://www.nessus.org/u?19865c37
http://seclists.org/fulldisclosure/2010/May/136
http://seclists.org/fulldisclosure/2010/May/137
http://seclists.org/fulldisclosure/2010/May/138
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4937.php
http://www.coresecurity.com/content/adobe-director-invalid-read
http://www.adobe.com/support/security/bulletins/apsb10-12.html

Solution :

Upgrade to Adobe Shockwave 11.5.7.609 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true