Detections
Analytics
Shockwave Player Crafted Director File Handling Remote Code Execution (APSB09-08)
high Nessus Plugin ID 39564
Synopsis
The remote Windows host contains a browser plugin that is affected by a pointer overwrite vulnerability.Description
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.0.600. Such versions are reportedly affected by a vulnerability that can be triggered using a specially crafted Adobe Director File to overwrite a 4-byte memory location during a memory dereference. If an attacker can trick a user of the affected software into opening such a file, he can leverage this issue to execute arbitrary code with the privileges of that user.Solution
Uninstall all instances of Shockwave Player version 11.5.0.596 and earlier, restart the system, and then install version 11.5.0.600 or later.See Also
https://www.zerodayinitiative.com/advisories/ZDI-09-044/
https://www.adobe.com/support/security/bulletins/apsb09-08.html
Plugin Details
Severity: High
ID: 39564
File Name: shockwave_player_apsb09_08.nasl
Version: 1.20
Type: local
Agent: windows
Family: Windows
Published: 6/28/2009
Updated: 9/22/2020
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:adobe:shockwave_player
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Reference Information
CVE: CVE-2009-1860
BID: 35469
IAVT: 0001-T-0713