Adobe Shockwave Player <= 22.214.171.1242 (APSB10-25) (Mac OS X)
High Nessus Plugin ID 80174
SynopsisThe remote Mac OS X host contains a web browser plugin that is affected by multiple vulnerabilities.
DescriptionThe remote Mac OS X host contains a version of Adobe Shockwave Player that is 126.96.36.1992 or earlier. It is, therefore, affected by multiple vulnerabilities :
- A memory corruption issue exists that allows code execution. Note that there are reports that this issue is being exploited in the wild. (CVE-2010-3653)
- A heap-based buffer overflow vulnerability allows code execution. (CVE-2010-2582)
- Multiple memory corruption issues in the 'dirapi.dll' module allow code execution. (CVE-2010-2581, CVE-2010-3655, CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, CVE-2010-4088)
- Multiple memory corruption issues in the 'IML32.dll' module allow code execution. (CVE-2010-4087, CVE-2010-4089)
- A memory corruption issue allows code execution.
SolutionUpgrade to Adobe Shockwave 188.8.131.525 or later.