»IPS Research Team Discovers Six Vulnerabilities in Adobe Shockwave Player
On August 24th 2010, Adobe announced an update for the Shockwave Player application that addresses several vulnerabilities, six of which were discovered by a member of the Check Point IPS Research Team.
Adobe Shockwave Player is a multimedia player that allows movies, animations, and games created in Adobe Director to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed.
The Shockwave Player vulnerabilities are all caused by various issues in processing Director media files. Potential exploits range from causing a system’s internet browser to become non-responsive via a denial-of-service condition to allowing execution of malicious code, thereby allowing an attacker to take complete control of the affected system. Here are details about the vulnerabilities and links to the protections available from Check Point.
MMAP Index Memory Corruption*Shockwave Player VulnerabilityIndustry ReferenceCheck Point Protection
Parsing Memory Corruption*
MCsL Parsing Memory Corruption*
CASt Parsing Memory Corruption*
IML32.dll XtcL Denial of Service*
rcsL Chunk Symbol Access Violations*
rcsL Chunk Pointer Offset Heap Overflow
DIRAPI.dll Denial of Service
IML32.dll Memory Corruption
MMAP Size Memory Corruption
* Indicates a vulnerability discovered by the Check Point IPS Research Team
These vulnerabilities exist in of Shockwave Player versions 220.127.116.119 and earlier.
Check Point recommends applying the latest vendor patches. You can also get immediate protection for unpatched systems by applying the latest IPS updates. The IPS Software Blade will then detect and block malformed Director media files from being transferred over HTTP.
The Check Point IPS Research team conducts original research on network, protocol and application vulnerabilities. The team also actively monitors and where appropriate communicates with white, black and grayhat communities to identify vulnerabilities and potential exploits before they are introduced into the wild. This research is used to develop and disseminate defenses through relevant Update Services components.
Acknowledgements go to Rodrigo Rubira Branco, a member of the Check Point IPS Research Team, for discovering and reporting six of the vulnerabilities as noted in the table above.
Published August 25, 2010
Legal Notice for Threat Center Advisories
August 25, 2010
©Copyright 2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065