Intrusion Prevention

Adobe.Shockwave.Remote.rcsL.Memory.Corruption

Description

This indicates an attempt to exploit a Code Execution vulnerability in Adobe Shockwave Player.
This vulnerability is due to an error that occurs when the vulnerable software handles a malformed .DIR file. An attacker may exploit this to execute arbitrary code via a crafted .DIR file.

Affected Products

Adobe Shockwave player 12.0.9.149 and earlier versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's advisory for updates:
http://helpx.adobe.com/security/products/shockwave/apsb14-10.html

CVE References

CVE-2014-0505