logo
DATABASE RESOURCES PRICING ABOUT US

[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability

Description

[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability Discover: instruder of code audit labs of vulnhunt.com CAL: CAL-2011-0055 CVE: CVE-2012-0759 http://blog.vulnhunt.com/index.php/2012/02/15/cal-2011-0055_adobe-shockwave-player-parsing-block_cout-memory-corruption-vulnerability/ adobe security bulletins http://www.adobe.com/support/security/bulletins/apsb12-02.html 1 Affected Products ================= Test Version: Adobe Shockeave Player 11.6.3.633 Adobe Shockwave Player 11.6.1.629 and prior 2 Vulnerability Details ===================== When adobe shockwave player parsing the field of KEY_ATOM of Director File, it don't have proper check,this will lead the key atom pointer overwrite. Successfully exploited this vulnerability will lead to arbitrary code execution. 3 Exploitable? ============ This vulnerability will lead the key atom pointer overwrite Successfully exploited this vulnerability will lead to arbitrary code execution. 4 About Code Audit Labs: ===================== Code Audit Labs secure your software,provide Professional include source code audit and binary code audit service. Code Audit Labs:" You create value for customer,We protect your value" http://www.VulnHunt.com http://blog.vulnhunt.com http://t.qq.com/vulnhunt http://weibo.com/vulnhunt


Related