Security & Privacy

Adobe Shockwave Player Update Patches 6 Security Flaws

Posted on by

Today Adobe released security updates for its Shockwave Player plugin for Macintosh and Windows platforms. This update patches six vulnerabilities that “could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system,” the company said in its security bulletin (APBS12-23). Shockwave Player resolves five buffer overflow vulnerabilities that could lead to code execution: CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-5273. Additionally, it resolves an array out of bounds vulnerability, CVE-2012-4176, that could lead to code execution if an attacker successfully exploits the flaw.

Adobe Shockwave Player (11.1 MB) is available here.