[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory
corruption vulnerability
Discover: instruder of code audit labs of vulnhunt.com
CAL: CAL-2011-0055
CVE: CVE-2012-0759
adobe security bulletins
http://www.adobe.com/support/security/bulletins/apsb12-02.html
Test Version:
Adobe Shockeave Player 11.6.3.633
Adobe Shockwave Player 11.6.1.629
and prior
When adobe shockwave player parsing the field of KEY_ATOM of Director File,
it don't have proper check,this will lead the key atom pointer overwrite.
Successfully exploited this vulnerability will lead to arbitrary code
execution.
This vulnerability will lead the key atom pointer overwrite
Successfully exploited this vulnerability will lead to arbitrary code
execution.
Code Audit Labs secure your software,provide Professional include source
code audit and binary code audit service.
Code Audit Labs:" You create value for customer,We protect your value"
http://www.VulnHunt.com
http://blog.vulnhunt.com
http://t.qq.com/vulnhunt
http://weibo.com/vulnhunt