Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Adobe Shockwave Player Two Memory Corruption Vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Adobe Shockwave Player Two Memory Corruption Vulnerabilities

Secunia Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Secunia Official 26th Feb, 2014 10:11
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Two vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error can be exploited to cause memory corruption.

2) Another unspecified error can be exploited to cause memory corruption.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in versions 12.0.7.148 and prior running on Windows and Macintosh.

tabath

RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
[+]
This reply has been deleted
tabath RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 26th Feb, 2014 12:46
Score: 0
Posts: 22
User Since: 2nd Aug 2010
System Score: N/A
Location: N/A
Last edited on 26th Feb, 2014 12:46
I have updated this using the adobe websiote but secunia continues to insist that I am running the older 12.0.3.133 version? What can I do?
Was this reply relevant?
+0
-0
rd52 RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 26th Feb, 2014 17:59
Score: 11
Posts: 46
User Since: 4th Dec 2008
System Score: N/A
Location: US
I'd try uninstalling Shockwave. You might have to use Adobe's uninstall to get rid of everything.
Was this reply relevant?
+0
-0
tabath RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 27th Feb, 2014 16:29
Score: 0
Posts: 22
User Since: 2nd Aug 2010
System Score: N/A
Location: N/A
Have just tried that and rescanned - secunia psi is still showing it as critical 12.03 needs upgradin to 12.09
Was this reply relevant?
+0
-0
Maurice Joyce RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Handling Contributor 27th Feb, 2014 17:05
Score: 11785
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
What path is PSI showing you to the vulnerability.

FINDING A FILE PATH USING PSI

VERSION 2


From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each programme.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Below DETECTED INSTANCES you will see this You can double click this row for additional information & options>double click it>a box will appear>look to the RIGHT & U will see TROUBLESHOOT REPORT in BLUE writing under the heading TOOLBOX> click TroubleShoot Report & it will reveal some information in a box>highlight the information revealed from ---START--- to ---END--- & copy it (CTRL+C) then post it to the Forum (CTRL+V)

VERSION 3
This version does not have such an easy method to publish the path.

Open PSI>once open select Show Programs.
You will now see a page full of programme icons or a list.
Right click on the programme in error>select Show Details - that will open a box showing the path & version number of the offending file.
You now have 3 options:
1. Write down the exact file path & install version - return to the Forum & type that information.
2. Take a screen shot & publish that.


Last Reviewed 16:04 27/02/2014










--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
tabath RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 27th Feb, 2014 17:17
Score: 0
Posts: 22
User Since: 2nd Aug 2010
System Score: N/A
Location: N/A
Hi the path is:

c:\\windows\syswow64\adobe\shockwave 12\SwInit.exe

version 12.3.0.133
Was this reply relevant?
+0
-0
rd52 RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 27th Feb, 2014 17:22
Score: 11
Posts: 46
User Since: 4th Dec 2008
System Score: N/A
Location: US
I have a site that I've played games at for years that insists on installing Shockwave Player 10 even if my computer is running the most recent version. I go into SW 10 and delete certain parts and it is no longer shown as a security risk. I found the certain files in SW 10 to delete by trial and error, but if a site is not re-installing the old SW, I'd just delete all of the SW on your machine and go to Adobe and re-install. Secunia should show you the location where the offending program is located. On my machine SW 10 is at: windows/ sys wow 64/ macromedia/ Shockwave 10, I have deleted it, but as soon as I go to my gaming site, it gets re-installed. So if you aren't having the old version installed by a site, I'd just go to it and delete it.

Have you tried to just delete in in the control panel and just re-install it through the Adobe site?
Was this reply relevant?
+0
-0
rd52 RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 27th Feb, 2014 17:32
Score: 11
Posts: 46
User Since: 4th Dec 2008
System Score: N/A
Location: US
Since you found it, just delete it. Then go to Adobe and re-install the newest version.

Sorry about my other reply, hadn't realized your other post.
Was this reply relevant?
+0
-0
tabath RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Member 27th Feb, 2014 18:02
Score: 0
Posts: 22
User Since: 2nd Aug 2010
System Score: N/A
Location: N/A
I have just deleted the version 12.0.3 shockwave file, run secunia scan and it seems to have fixed it. I don't understand why the adobe update hasn't intstalled the new shockwave file though
Was this reply relevant?
+0
-0
Maurice Joyce RE: Adobe Shockwave Player Two Memory Corruption Vulnerabilities
Handling Contributor 27th Feb, 2014 18:19
Score: 11785
Posts: 9,035
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 27th Feb, 2014 18:37
There are two options to get rid of that old Shockwave 12 file.

Firstly make sure that ALL programmes & browsers that could be using Flash are closed using CTRL+SHIFT+ESC if necessary to shut them down then either.

1. Navigate to here c:\\windows\syswow64\adobe\shockwave 12\SwInit.exe the right click & select delete.

2.Use the Adobe shockwave uninstaller from here (you need to scroll the page a bit to see the Shockwave uninstaller):

http://www.adobe.com/shockwave/download/alternates...

After either of these are complete run a full PSI scan & all should be in order.

If there is a requirement to reinstall the details & link are here:

http://helpx.adobe.com/shockwave.html

EDIT - Pleased it is fixed - If anything using elements of Flash is in use it will not fully uninstall any file in use.










--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer