iPolicy Networks Security Advisory
 

Adobe Shockwave Player 3D Models Buffer Overflow Vulnerability

Date Discovered: 01/21/2010
Severity: High
Application Affected: Adobe Shockwave Player 11.5.2.602 and earlier
Type: Remote
Identifiers: CVE-2009-4003
Synopsis

Adobe Shockwave Player is prone to a buffer overflow vulnerability, which could be exploited to execute arbitrary code on the affected system.
Recommended Actions
Apply the patches as guided by the vendor at:
http://www.adobe.com/support/security/bulletins/apsb10-03.html
Threat Analysis

Adobe Shockwave is a well-known multimedia player developed by Macromedia. A heap-based buffer overflow vulnerability exists in Adobe Shockwave Player 11.5.2.602 and earlier versions.

The flaw exists due to improper bounds checking when processing Shockwave 3D models. An attacker may exploit this vulnerability by persuading a victim to open a specially crafted Shockwave file, possibly executing malicious code or launching further attacks on the target system.
References

http://www.securityfocus.com/bid/37872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-4003
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4003

Write-up by: Dheeraj Johri