Shockwave Player <

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.

Synopsis :

The remote Windows host contains a web browser plugin that is
affected by multiple vulnerabilities.

Description :

The remote Windows host contains a version of Adobe's Shockwave Player
that is earlier than Such versions are potentially
affected by the following issues :

- Multiple memory corruption issues exist that could lead
to arbitrary code execution. (CVE-2010-2863,
CVE-2010-2864, CVE-2010-2866, CVE-2010-2869,
CVE-2010-2870, CVE-2010-2871, CVE-2010-2872,
CVE-2010-2873, CVE-2010-2873, CVE-2010-2874,
CVE-2010-2875, CVE-2010-2876, CVE-2010-2877,
CVE-2010-2878, CVE-2010-2880, CVE-2010-2881,

- A pointer offset vulnerability exists that could lead to
code execution. (CVE-2010-2867)

- Multiple unspecified denial of service issues exist.
(CVE-2010-2865, CVE-2010-2868)

- An integer overflow vulnerability exists that could lead
to lead to code execution. (CVE-2010-2879)

See also :

Solution :

Upgrade to Adobe Shockwave or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true