»IPS Research Team Discovers Six Vulnerabilities in Adobe Shockwave Player
(APSB10-20)
Vulnerability
On August 24th 2010, Adobe announced an update for the Shockwave Player application that addresses several vulnerabilities, six of which were discovered by a member of the Check Point IPS Research Team.

Details
Adobe Shockwave Player is a multimedia player that allows movies, animations, and games created in Adobe Director to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed.

The Shockwave Player vulnerabilities are all caused by various issues in processing Director media files. Potential exploits range from causing a system’s internet browser to become non-responsive via a denial-of-service condition to allowing execution of malicious code, thereby allowing an attacker to take complete control of the affected system. Here are details about the vulnerabilities and links to the protections available from Check Point.
Shockwave Player Vulnerability
Industry Reference
Check Point Protection
MMAP Index Memory Corruption*
CVE-2010-2880
CPAI-2010-249
Parsing Memory Corruption*
CVE-2010-2864
CPAI-2010-253
MCsL Parsing Memory Corruption*
CVE-2010-2881
CPAI-2010-253
CASt Parsing Memory Corruption*
CVE-2010-2868
CPAI-2010-252
IML32.dll XtcL Denial of Service*
CVE-2010-2869
CPAI-2010-251
rcsL Chunk Symbol Access Violations*
CVE-2010-2882
CPAI-2010-254
rcsL Chunk Pointer Offset Heap Overflow
CVE-2010-2867
CPAI-2010-244
DIRAPI.dll Denial of Service
CVE-2010-2865
CPAI-2010-245
IML32.dll Memory Corruption
CVE-2010-2864
CPAI-2010-248
MMAP Size Memory Corruption
CVE-2010-2870
CPAI-2010-250
* Indicates a vulnerability discovered by the Check Point IPS Research Team
Affected Products
These vulnerabilities exist in of Shockwave Player versions 11.5.7.609 and earlier.

Solution
Check Point recommends applying the latest vendor patches. You can also get immediate protection for unpatched systems by applying the latest IPS updates. The IPS Software Blade will then detect and block malformed Director media files from being transferred over HTTP.

Acknowledgements
The Check Point IPS Research team conducts original research on network, protocol and application vulnerabilities. The team also actively monitors and where appropriate communicates with white, black and grayhat communities to identify vulnerabilities and potential exploits before they are introduced into the wild. This research is used to develop and disseminate defenses through relevant Update Services components.
Acknowledgements go to Rodrigo Rubira Branco, a member of the Check Point IPS Research Team, for discovering and reporting six of the vulnerabilities as noted in the table above.

Published August 25, 2010
Legal Notice for Threat Center Advisories
August 25, 2010








©Copyright 2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065
Check Point’s Privacy Policy.