Adobe Shockwave Player Director File Parsing Pointer Overwrite Vulnerability

2009-06-24T00:00:00
ID ZDI-09-044
Type zdi
Reporter Paul Kurczaba
Modified 2009-11-09T00:00:00

Description

This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site.

The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.