NUEVA VULNERABILIDAD. Adobe Shockwave Player Active Template Library Remote Code Execution Vulnerability

Publicado: julio 29, 2009 de komz en 03.Vulnerabilidades
Etiquetas:, ,

Adobe Shockwave Player is prone to a remote code-execution vulnerability because it was compiled against the Microsoft Active Template Library (ATL).

Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue is caused by the vulnerabilities described in Microsoft security advisory 973882 and is related to the following BIDs:

35828 Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability
35830 Microsoft Visual Studio Active Template Library NULL String Information Disclosure Vulnerability
35832 Microsoft Visual Studio ATL ‘VariantClear()’ Remote Code Execution Vulnerability

Published:       Jul 28 2009
Updated:         Jul 28 2009

REFERENCIA DE LA VULNERABILIDAD

REFERENCIA ADOBE

fuente: securityfocus.com

adobe-shockwave-player

comentarios
  1. […] Shockwave Player – vulnerabilidad –  Security update available for Shockwave […]

Responder

Por favor, inicia sesión con uno de estos métodos para publicar tu comentario:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s