Intrusion Prevention

Adobe.Shockwave.Player.Dir.File.Remote.Code.Execution

Description

This indicates an attempt to exploit a remote Code Execution vulnerability in Adobe Shockwave Player.
This vulnerability is due to an error that occurs when the vulnerable software handles a malformed .DIR file. An attacker may exploit this to execute arbitrary code via a crafted .DIR file.

Affected Products

Adobe Shockwave player 11.6.8.638 and earlier versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's advisory for updates:
http://www.adobe.com/support/security/bulletins/apsb13-06.html

CVE References

CVE-2013-0635