Adobe Shockwave Player <= 220.127.116.117 Multiple Vulnerabilities (APSB12-23) (Mac OS X)
High Nessus Plugin ID 80182
SynopsisThe remote Mac OS X host contains a web browser plugin that is affected by multiple vulnerabilities.
DescriptionThe remote Mac OS X host contains a version of Adobe Shockwave Player that is equal to or prior than 18.104.22.1687. It is, therefore, affected by the following vulnerabilities :
- Several unspecified errors exist that can lead to buffer overflow vulnerabilities and possible code execution. (CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-5273)
- An array out-of-bounds error exists that allows code execution. (CVE-2012-4176)
A remote attacker can exploit these issues by tricking a user into viewing a malicious Shockwave file, resulting in arbitrary code execution.
SolutionUpgrade to Adobe Shockwave Player 22.214.171.1248 or later.