-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                   AUSCERT Security Bulletin

                         ASB-2012.0178
         Security vulnerabilities in Adobe Shockwave Player
                         21 December 2012
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Adobe Shockwave Player version 11.6.8.638 and prior
Operating System:     Windows
                      OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:           Mitigation
CVE Names:            CVE-2012-6271 CVE-2012-6270
Member content until: Sunday, January 20 2013

OVERVIEW

        Vulnerabilities have been found in Adobe Shockwave Player which
        could lead to reduced security up to and including execution of
        arbitrary code. [1]

IMPACT

        (CVE-2012-6270)
        Adobe Shockwave Player may install an older version of the
        runtime, enabling attackers to target known vulnerabilities in
        legacy versions. In addition, the full installer for Adobe
        Shockwave Player 11.6.8.638 installs an old version of Flash
        Player (10.2.159.1), which contains multiple vulnerabilities
        known to be exploitable.

        (CVE-2012-6271)
        It is possible for an attacker to reference the URL of a legacy
        version of an "Xtra", a downloadable component for Shockwave
        Player, in a Shockwave file. Since the URL is provided in the
        Shockwave file, it is possible for an attacker to host a
        vulnerable, legacy version of an Xtra and cause Shockwave Player
        to download it. Provided the Xtra is signed by Macromedia or
        Adobe, the Xtra will be executed, possibly allowing execution of
        arbitrary code.

MITIGATION

        There is currently no patch available; however, the following
        mitigation strategies should be considered:

        1. Uninstall Shockwave Player.

        2. Disable the Shockwave Player ActiveX control in Internet
           Explorer. Information is available from Microsoft's web
           site. [2]

        3. Use the Microsoft Enhanced Mitigation Experience Toolkit [3],
           or enable Data Execution Prevention in Windows. [4]

REFERENCES

        [1] US-CERT Vulnerability Note VU#323161
            Adobe Shockwave player provides vulnerable Flash runtime
            http://www.kb.cert.org/vuls/id/323161

        [2] How to stop an ActiveX control from running in Internet Explorer
            http://support.microsoft.com/kb/240797

        [3] The Enhanced Mitigation Experience Toolkit
            http://support.microsoft.com/kb/2458544

        [4] What is Data Execution Prevention?
            http://windows.microsoft.com/en-US/windows7/What-is-Data-Execution-Prevention

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may arise
from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
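The following script is an added example, not part of the AusCERT bulletin, showing how mitigation step 2 (the kill bit described in Microsoft KB240797) can be applied and verified for an installed control whose file version falls in the affected range (11.6.8.638 and prior). It assumes the control's CLSID is substituted for the placeholder below, and that it runs in an elevated PowerShell session on Windows.

```powershell
# Added example (not from the AusCERT bulletin): set the Internet Explorer
# kill bit for the Shockwave ActiveX control if its file version is within
# the affected range, then read the value back to confirm it took effect.
# $Clsid is a placeholder; replace it with the CLSID the Shockwave control is
# registered under (listed under HKCR\CLSID on a host with Shockwave installed).
$Clsid          = '{CLSID-OF-SHOCKWAVE-CONTROL}'
$LastBadVersion = [version]'11.6.8.638'   # "11.6.8.638 and prior" per ASB-2012.0178
$KillBit        = 0x400                    # Compatibility Flags bit that blocks the control in IE

# Resolve the control's DLL from its COM registration and read its file version.
$inproc = Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32" `
                           -ErrorAction SilentlyContinue
if (-not $inproc) { Write-Output "Control $Clsid is not registered on this host."; return }
$vi = (Get-Item $inproc.'(default)').VersionInfo
$installed = New-Object System.Version($vi.FileMajorPart, $vi.FileMinorPart,
                                       $vi.FileBuildPart, $vi.FilePrivatePart)
if ($installed -gt $LastBadVersion) {
    Write-Output "Installed version $installed is newer than $LastBadVersion; no action taken."
    return
}

# Kill bits live under ActiveX Compatibility; 64-bit Windows also has a Wow6432Node
# view for 32-bit Internet Explorer, so both are handled when present.
$bases = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
           'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility')
foreach ($base in $bases) {
    if (-not (Test-Path $base)) { continue }
    $key = Join-Path $base $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }

    # Preserve any flags already set on the control and OR in the kill bit.
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                                  -ErrorAction SilentlyContinue).'Compatibility Flags'
    $flags = ([int]$existing) -bor $KillBit
    New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
                     -Value $flags -Force | Out-Null

    # Verify by reading the value back rather than trusting the write.
    $check = (Get-ItemProperty -Path $key -Name 'Compatibility Flags').'Compatibility Flags'
    if (($check -band $KillBit) -eq $KillBit) {
        Write-Output "Kill bit set for $Clsid under $base"
    } else {
        Write-Warning "Kill bit not present for $Clsid under $base after write"
    }
}
```

Internet Explorer reads the kill bit when it next instantiates the control, so open IE sessions should be restarted for the change to take effect.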
===========================================================================