Chemical Safety Incidents
Adobe Mitigates Shockwave Holes
Friday, October 30, 2015 @ 02:10 PM gHale
There was a critical vulnerability in Adobe’s Shockwave Player where attackers could leverage an arbitrary code assault.
The new version ended up fixed in version 18.104.22.168. The memory corruption vulnerability affects Shockwave Player 22.214.171.124 and earlier for Windows and Mac.
The security hole has a priority rating of 1, which indicates a high risk of falling victim to exploits. It also has a severity rating of “critical.”
Adobe said there are no known attacks against the vulnerability at this time. Fortinet’s Fortiguard Labs reported the vulnerability.
This is the third security update released by Adobe for Shockwave Player this year. An update rolled out in July fixed two critical memory corruption flaws. An update released last month patched two similar issues.