Adobe patched a critical vulnerability in Adobe Shockwave Player. Critical vulnerabilities have been identified in Adobe Shockwave Player 11.6.1.629 and earlier versions on the Windows and Macintosh operating systems.
Critical Vulnerabilities:
- Memory corruption vulnerability in the DIRapi library that could lead to code execution (CVE-2011-2446).
- Memory corruption vulnerability that could lead to code execution (CVE-2011-2447).
- Memory corruption vulnerability in the DIRApi library that could lead to code execution (CVE-2011-2448).
This update resolves multiple potential memory corruption vulnerabilities in the TextXtra module that could lead to code execution (CVE-2011-2449).
An attacker can exploits these vulnerabilities and run his malicious code on the affected machine. Adobe fixed this vulnerability and updated the shockwave.
Update your Adobe Shockwave Player 11.6.1.629 and earlier versions upgrade to the newest version 11.6.3.633 available here.