Zero-Day Advisory
Fortinet Discovers Multiple Adobe Shockwave Player Vulnerabilities
Summary
Fortinet's FortiGuard Labs has discovered multiple memory corruption vulnerabilities in Adobe Shockwave Player.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Adobe.Shockwave.Player.Multiple.Memory.Corruption
Released Feb 15, 2012
Users should apply the solution provided by Adobe.
Additional Information
These vulnerabilities can be triggered by opening maliciously crafted dir file that contains malformed field. They could allow an attacker to execute arbitrary code on the affected system.
References
- CVE-2012-0757, 2012-0760, 2012-0761, 2012-0762, 2012-0763, 2012-0764, 2012-0766
Acknowledgement
Honggang Ren of Fortinet's FortiGuard Labs