Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
http://www.us-cert.gov/cas/techalerts/TA11-166A.html
http://www.adobe.com/support/security/bulletins/apsb11-17.html