Intrusion Prevention

Adobe.Shockwave.Player.IML32.DLL.Memory.Corruption

Description

This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player.
The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an invalid value. It could lead to remote code execution.

Affected Products

Shockwave Player 11.5.6.606 and earlier versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Please refer to the vendor's advisory for updates:
http://www.adobe.com/support/security/bulletins/apsb10-12.html

CVE References

CVE-2010-1290