Back to list
[CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite
May 12 2010 01:40AM
Code Audit Labs (vulnhunt gmail com)
[CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL
22.214.171.1242 ,126.96.36.1996 and prior
CVE ID: CVE-2010-1280
CAL ID: CAL-20100204-3
Code Audit Labs http://www.vulnhunt.com has discovered a vulnerability
allows remote attackers to execute code on vulnerable
installations of Adobe's Shockwave Player. User interaction is required
in that a user must visit a malicious web site.
The specific flaw exists when the Shockwave player attempts to load a
specially crafted Adobe Director File. When a malicious value is used
during a memory dereference a possible 4-byte memory overwrite may
occur. Exploitation can lead to remote system compromise under the
credentials of the currently logged in user.
2010-2-6 report to vendor
2010-2-7 vendor ask poc file
2010-2-7 we sent the poc file.
2010-2-8 vendor comfirm the issue.
2010-5-11 Coordinated public release of advisory.
About Code Audit Labs:
Code Audit Labs is department of VulnHunt company which provide a
professional security testing products / services / security consulting
and training ,we sincerely hope we can help your procudes to improve code
quality and safety.
WebSite http://www.VulnHunt.com ( online soon)
[ reply ]
Copyright 2010, SecurityFocus