Test ID:	1.3.6.1.4.1.25623.1.0.800443
Category:	Buffer overflow
Title:	Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
Summary:	Check for the version of Adobe Shockwave Player
Description:	Overview: This host has Adobe Shockwave Player installed and is prone to Buffer Overflow vulnerabilities. Vulnerability Insight: These flaws are caused by buffer and integer overflow errors when processing Shockwave files or 3D models, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page. Impact: Successful attack could allow attackers to execute arbitrary code and compromise a vulnerable system. Impact Level: System/Application Affected Software/OS: Adobe Shockwave Player prior to 11.5.6.606 on Windows. Fix: Upgrade to Adobe Shockwave Player 11.5.6.606 or later. For updates refer to http://get.adobe.com/shockwave/otherversions/ References: http://secunia.com/secunia_research/2009-61/ http://www.vupen.com/english/advisories/2010/0171 http://securitytracker.com/alerts/2010/Jan/1023481.html http://www.adobe.com/support/security/bulletins/apsb10-03.html http://www.securityfocus.com/archive/1/archive/1/509062/100/0/threaded
Cross-Ref:	BugTraq ID: 37872 BugTraq ID: 37870 Common Vulnerability Exposure (CVE) ID: CVE-2009-4003 Bugtraq: 20100120 Secunia Research: Adobe Shockwave Player 3D Model Two Integer Overflows (Google Search) http://www.securityfocus.com/archive/1/archive/1/509058/100/0/threaded Bugtraq: 20100120 Secunia Research: Adobe Shockwave Player Four Integer Overflow Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/archive/1/509055/100/0/threaded Bugtraq: 20100120 Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/509053/100/0/threaded http://secunia.com/secunia_research/2009-62/ http://secunia.com/secunia_research/2009-63/ http://secunia.com/secunia_research/2010-1/ http://www.securityfocus.com/bid/37872 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8538 http://securitytracker.com/id?1023481 http://secunia.com/advisories/37888 http://www.vupen.com/english/advisories/2010/0171 XForce ISS Database: shockwave-shockwave-bo(55759) http://xforce.iss.net/xforce/xfdb/55759 Common Vulnerability Exposure (CVE) ID: CVE-2009-4002 Bugtraq: 20100120 Secunia Research: Adobe Shockwave Player 3D Model Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/archive/1/509062/100/0/threaded http://secunia.com/secunia_research/2009-61/ http://www.securityfocus.com/bid/37870 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8311 XForce ISS Database: shockwave-3d-bo(55758) http://xforce.iss.net/xforce/xfdb/55758
Copyright	Copyright (c) 2010 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: