SB2012050903 - Multiple vulnerabilities in Adobe Shockwave Player
Published: May 9, 2012 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2012-2029)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033.
2) Buffer overflow (CVE-ID: CVE-2012-2030)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033.
3) Buffer overflow (CVE-ID: CVE-2012-2031)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and CVE-2012-2033.
4) Buffer overflow (CVE-ID: CVE-2012-2032)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2033.
5) Buffer overflow (CVE-ID: CVE-2012-2033)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2032.
Remediation
Install update from vendor's website.
References
- http://secunia.com/advisories/49086
- http://www.adobe.com/support/security/bulletins/apsb12-13.html
- http://www.securityfocus.com/bid/53420
- http://www.securitytracker.com/id?1027037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75458
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75459
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75462