1. Home
2. Support
3. Security advisories

Security bulletin

Security update available for Shockwave Player

Release date: February 8, 2011

Last Updated: February 22, 2011

Vulnerability identifier: APSB11-01

CVE number: CVE-2010-2587, CVE-2010-2588, CVE-2010-2589, CVE-2010-4092,
CVE-2010-4093, CVE-2010-4187, CVE-2010-4188, CVE-2010-4189, CVE-2010-4190,
CVE-2010-4191, CVE-2010-4192, CVE-2010-4193, CVE-2010-4194, CVE-2010-4195,
CVE-2010-4196, CVE-2010-4306, CVE-2010-4307, CVE-2011-0555, CVE-2011-0556,
CVE-2011-0557, CVE-2011-0569

Platform: Windows and Macintosh

Summary

Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier
versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an
attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected
system. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions
update to Adobe Shockwave Player 11.5.9.620 using the instructions provided below.

Affected software versions

Shockwave Player 11.5.9.615 and earlier versions for Windows and Macintosh

Solution

Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions upgrade to
the newest version 11.5.9.620, available here: http://get.adobe.com/shockwave/.

Note: Due to limitations in MSI versioning, the MSI version will appear as 11.5.10.620 in Add/Remove Programs and Run-Advertised Programs in the case of SMS installation.

Severity rating

Adobe categorizes this as a critical update and recommends that users apply the latest update for
their product installation by following the instructions in the "Solution" section above.

Details

Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier
versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an
attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected
system. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions
update to Adobe Shockwave Player 11.5.9.620 using the instructions provided above.

This update resolves a memory corruption vulnerability in the dirapi.dll module that could lead
to code execution (CVE-2010-2587).

This update resolves a memory corruption vulnerability in the dirapi.dll module that could lead
to code execution (CVE-2010-2588).

This update resolves an integer overflow vulnerability in the dirapi.dll module that could lead to
code execution (CVE-2010-2589).

This update resolves a use-after-free vulnerability that could lead to code execution
(CVE-2010-4092).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4093).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4187).

This update resolves a memory corruption vulnerability in the dirapi.dll module that could lead
to code execution (CVE-2010-4188).

This update resolves a memory corruption vulnerability in the IML32 module that could lead to
code execution (CVE-2010-4189).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4190).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4191).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4192).

This update resolves an input validation vulnerability that could lead to code execution
(CVE-2010-4193).

This update resolves an input validation vulnerability in the dirapi.dll module that could lead to
code execution (CVE-2010-4194).

This update resolves an input validation vulnerability in the TextXtra module that could lead to
code execution (CVE-2010-4195).

This update resolves an input validation vulnerability in the Shockwave 3d Asset module that could
lead to code execution (CVE-2010-4196).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-4306).

This update resolves a buffer overflow vulnerability that could lead to code execution
(CVE-2010-4307).

This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2011-0555).

This update resolves a memory corruption vulnerability in the Font Xtra.x32 module that could
lead to code execution (CVE-2011-0556).

This update resolves an integer overflow vulnerability that could lead to code execution
(CVE-2011-0557).

This update resolves a memory corruption vulnerability in the Font Xtra.x32 module that could
lead to code execution (CVE-2011-0569).

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant
issues and for working with Adobe to help protect our customers:

• Carsten Eiram, Secunia Research (CVE-2010-2587, CVE-2010-2588, CVE-2010-2589)
• Krystian Kloskowski (h07), working with Secunia Research (CVE-2010-4092)
• Will Dormann of CERT/CC (CVE-2010-4093, CVE-2010-4193, CVE-2010-4194, CVE-2010-4195, CVE-2010-4196)
• Andrzej Dyjak of iDefense Labs (CVE-2010-4187)
• Aaron Portnoy and Logan Brown, TippingPoint DVLabs (CVE-2010-4188, CVE-2010-4189, CVE-2011-0555, CVE-2011-0556)
• Aniway and Luigi Auriemma through TippingPoint's Zero Day Initiative (CVE-2010-4190)
• An anonymous reporter through TippingPoint's Zero Day Initiative (CVE-2010-4191)
• Aniway through TippingPoint's Zero Day Initiative (CVE-2010-4192)
• Mark Yason of IBM's X-Force (CVE-2010-4306, CVE-2010-4307)
• An anonymous reporter through TippingPoint's Zero Day Initiative (CVE-2011-0557)
• Logan Brown and Aaron Portnoy, TippingPoint DVLabs and Luigi Auriemma through TippingPoint's Zero Day Initiative (CVE-2011-0569)

REVISions

February 22, 2011 - Bulletin updated with information on MSI versioning.