IDG News Service - Adobe Systems patched 20 security vulnerabilities in its Shockwave Player on Tuesday. Most of the flaws could allow an attacker to run their own code on an affected computer.
Eighteen of the problems could lead to code execution, while the remaining two are denial of service issues, one of which could possibly lead to remote code execution.
Shockwave Player is used to display content created by Adobe's Director program, which offers advanced tools for creating interactive content, including Flash. The Director application can be used for creating 3D models, high-quality images and full-screen or long-form digital content and offers greater control over how those elements are displayed.
The problems were discovered by various researchers, and Adobe credited Fortinet and Check Point, as well as anonymous researchers who contributed to TippingPoint's Zero Day Initiative and iDefense's Vulnerability Contributor Program, both of which will pay researchers for vulnerability information if they meet certain conditions.
Adobe says its Shockwave software is installed on more than 450 million desktops. Adobe has stepped up its security program as attackers have focused on trying to find vulnerabilities in its applications due to their wide installation base.
Send news tips and comments to email@example.com
- 5 Customers Deliver Virtual Desktops and Apps to Empower a Modern Workforce Learn how Citrix solutions helped 5 companies realize the full value of desktop virtualization through a project-by-project approach based on key business priorities.
- Mitigate Risk and Accelerate Time to Value Download this white paper to learn how your IT organization can accelerate business, introduce new services, and reach new markets, all while staying...
- Allay Risks in Application Rationalization and Modernization IT has to do it all: react quickly to market needs, introduce new services, capitalize on mobile, and comply with regulatory requirements, all...
- Delivering Application Data On-Demand Packaged app dev teams frequently operate with limited testing environments due to various constraints. By virtualizing the entire application stack, Delphix-powered teams can...
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt.
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Applications White Papers | Webcasts