Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Adobe Shockwave 12.0.4.144

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
CSI

This thread has been marked as locked.
dstancu Adobe Shockwave 12.0.4.144
Member 20th Sep, 2013 08:34
Ranking: 0
Posts: 6
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
Hi,

I have deployed Adobe Shockwave 12.0.4.144 to all my client computers ann patch installs fine but if I take a look at insecure installations of Adobe Shockwave I can see that Secunia is detecting version 12.0.4.144 as version 12.0.4.0(take a look at attachment) and of course it marks it as insecure. I checked file version of swinit.exe on several client computers and version installed is correct - 12.0.4.144.
Same behaviour I have seen in previous version of Shockwave 12.0.3.133 that was detected as 12.0.3.0 and marked as insecure.

Is this a bug?

r.danailov RE: Adobe Shockwave 12.0.4.144
Secunia Official 2nd Oct, 2013 09:26
Score: 25
Posts: 173
User Since: 3rd Jan 2012
System Score: N/A
Location: Copenhagen, DK
Hi,

We have tested the detection of Adobe Shockwave 12.0.4.144, but we could not replicate the problem you reported. This version of Shockwave is detected correctly with Secunia CSI 5.x, 6.x and 7.x, moreover, it's labeled correctly with Patched status.

Please check if the version displayed by your CSI is not in fact a zombie file (a leftover file from a previous installation which was detected as a standalone executable by the Secunia CSI).

You can double-click on the program entry and then under the Installations tab you can check the full path where the version 12.0.4.0 was detected. Check the file within the path and see if it's an active installation. If it's not, you may want to remove the file, or if needed, you can ignore it in CSI.

Kind regards / Stay Secure
Rosen Danailov / Security+
Secunia Customer Support
dstancu Adobe Shockwave 12.0.4.144
Member 3rd Oct, 2013 10:13
Last edited on 3rd Oct, 2013 10:13 Hi r.danailov,

Secunia CSI 6.0.0.10 is installed in my company. I checked for zomby files on multiple computers and besides swinit.exe in c:\\Windows\\SysWOW64\\Adobe\\Shockwave 12 which is marked as 12.0.4.0(see attachment) I see only swinit.exe in c:\\Windows\\system32\\macromed\\Shockwave 10 which Scan path I have already blacklisted(as I read it is installed from Shockwave 12 installer for backward compatibility).
Was this reply relevant?
+0
-0
dstancu Adobe Shockwave 12.0.4.144
Member 3rd Oct, 2013 10:54
Last edited on 3rd Oct, 2013 10:54 Here is a screenshot in attachment from one client computer...
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability