Fortinet Discovers Adobe Shockwave Player Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Shockwave Player.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Adobe.Shockwave.Remote.Memory.Corruption (previous name is FG-VD-13-011-Adobe)
Released Mar 20, 2013
Users should apply the solution provided by Adobe.
The vulnerability can be triggered when opening a maliciously crafted dir file which contains a malformed field. It could allow an attacker to execute arbitrary code on the affected system.
This vulnerability was discovered by Honggang Ren of Fortinet's FortiGuard Labs.