[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability
Discover: instruder of code audit labs of vulnhunt.com CAL: CAL-2011-0055 CVE: CVE-2012-0759
adobe security bulletins http://www.adobe.com/support/security/bulletins/apsb12-02.html
Test Version: Adobe Shockeave Player 188.8.131.523 Adobe Shockwave Player 184.108.40.2069 and prior
When adobe shockwave player parsing the field of KEY_ATOM of Director File, it don't have proper check,this will lead the key atom pointer overwrite. Successfully exploited this vulnerability will lead to arbitrary code execution.
This vulnerability will lead the key atom pointer overwrite Successfully exploited this vulnerability will lead to arbitrary code execution.
Code Audit Labs secure your software,provide Professional include source code audit and binary code audit service. Code Audit Labs:" You create value for customer,We protect your value" http://www.VulnHunt.com http://blog.vulnhunt.com http://t.qq.com/vulnhunt http://weibo.com/vulnhunt