Home page logo

fulldisclosure logo Full Disclosure mailing list archives

[CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer overflow vulnerability
From: Code Audit Labs <vulnhunt () gmail com>
Date: Wed, 12 May 2010 09:39:33 +0800

[CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer
overflow vulnerability

Affected Products
================= , and prior

CVE ID: CVE-2010-0129
CAL ID: CAL-20100204-2

Vulnerability Details

Code Audit Labs http://www.vulnhunt.com has discovered a vulnerability
allows remote attackers to execute code on vulnerable
installations of Adobe's Shockwave Player. User interaction is required
in that a user must visit a malicious web site.

The specific flaw exists when the Shockwave player attempts to load a
specially crafted Adobe Director File. When a malicious value is used
extern to signed integer . Exploitation can lead to remote system
compromise under the credentials of the currently logged in user.


Disclosure Timeline
2010-2-6 report to vendor
2010-2-7 vendor ask poc file
2010-2-7 we sent the poc file.
2010-2-8 vendor comfirm the issue.
2010-5-11 Coordinated public release of advisory.

About Code Audit Labs:
Code Audit Labs is department of VulnHunt company which provide a
professional security testing products / services / security consulting
and training ,we sincerely hope we can help your procudes to improve code
quality and safety.
WebSite http://www.VulnHunt.com ( online soon)

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • [CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer overflow vulnerability Code Audit Labs (May 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]