Adobe Mitigates Shockwave Holes

Friday, October 30, 2015 @ 02:10 PM gHale


There was a critical vulnerability in Adobe’s Shockwave Player where attackers could leverage an arbitrary code assault.

The new version ended up fixed in version 12.2.1.171. The memory corruption vulnerability affects Shockwave Player 12.2.0.162 and earlier for Windows and Mac.

RELATED STORIES
Emergency Flash Update Nabs Zero Day
Flash, Acrobat, Reader Holes Fixed
Adobe Zero Day Under Attack
Adobe Patches Flash Player Vulnerabilities

The security hole has a priority rating of 1, which indicates a high risk of falling victim to exploits. It also has a severity rating of “critical.”

Adobe said there are no known attacks against the vulnerability at this time. Fortinet’s Fortiguard Labs reported the vulnerability.

This is the third security update released by Adobe for Shockwave Player this year. An update rolled out in July fixed two critical memory corruption flaws. An update released last month patched two similar issues.



Leave a Reply

You must be logged in to post a comment.