Shockwave Player <= 22.214.171.124 Multiple Vulnerabilities (APSB13-12)
High Nessus Plugin ID 65913
SynopsisThe remote Windows host contains a web browser plugin that is affected by multiple vulnerabilities.
DescriptionThe remote Windows host contains a version of Adobe's Shockwave Player that is equal to or earlier than 126.96.36.199. It is, therefore, potentially affected by the following vulnerabilities :
- An unspecified buffer overflow exists. (CVE-2013-1383)
- Two unspecified memory corruption errors exist.
- A memory leak error exists that weakens address space randomization. (CVE-2013-1385)
A remote attacker could exploit these issues by tricking a user into viewing a malicious Shockwave file, resulting in arbitrary code execution.
SolutionUpgrade to Adobe Shockwave Player 188.8.131.52 or later.