울지않는벌새 : Security, Movie & Society

업데이트 : Adobe Shockwave Player 11.5.8.612

벌새::Security

Adobe Director를 이용하여 제작한 웹 콘텐츠를 구현하도록 도와주는 Adobe Shockwave Player 11.5.8.612 버전이 공개되었습니다.

이번 버전에서는 총 20종류의 보안 취약점이 발견되어 해당 취약점에 대한 보안 패치가 이루어졌으며, 해당 취약점으로 인하여 악성코드 실행, DoS(Denial of Service) 유발을 일으키는 문제가 발생할 수 있습니다.

[영향을 받는 소프트웨어]

Shockwave Player 11.5.7.609 버전 및 하위 버전 (Windows, Macintosh)

Adobe Shockwave Player 11.5.8.612 버전에서 해결한 취약점은 다음과 같습니다.
  1. CVE-2010-2863 : This update resolves a memory corruption vulnerability that could lead to code execution.
  2. CVE-2010-2864 : This update resolves a memory corruption vulnerability that could lead to code execution.
  3. CVE-2010-2865 : This update resolves a denial of service issue.
  4. CVE-2010-2866 : This update resolves a memory corruption vulnerability that could lead to code execution.
  5. CVE-2010-2867 : This update resolves a pointer offset vulnerability that could lead to code execution.
  6. CVE-2010-2868 : This update resolves multiple denial of service issues; arbitrary code execution has not been demonstrated, but may be possible.
  7. CVE-2010-2869 : This update resolves a memory corruption vulnerability that could lead to code execution.
  8. CVE-2010-2870 : This update resolves a memory corruption vulnerability that could lead to code execution.
  9. CVE-2010-2871 : This update resolves a memory corruption vulnerability that could lead to code execution.
  10. CVE-2010-2872 : This update resolves a memory corruption vulnerability that could lead to code execution.
  11. CVE-2010-2873 : This update resolves a memory corruption vulnerability that could lead to code execution.
  12. CVE-2010-2874 : This update resolves a memory corruption vulnerability that could lead to code execution.
  13. CVE-2010-2875 : This update resolves a memory corruption vulnerability that could lead to code execution.
  14. CVE-2010-2876 : This update resolves a memory corruption vulnerability that could lead to code execution.
  15. CVE-2010-2877 : This update resolves a memory corruption vulnerability that could lead to code execution.
  16. CVE-2010-2878 : This update resolves a memory corruption vulnerability that could lead to code execution.
  17. CVE-2010-2879 : This update resolves an integer overflow vulnerability that could lead to code execution.
  18. CVE-2010-2880 : This update resolves a memory corruption vulnerability that could lead to code execution.
  19. CVE-2010-2881 : This update resolves a memory corruption vulnerability that could lead to code execution.
  20. CVE-2010-2882 : This update resolves a memory corruption vulnerability that could lead to code execution.

그러므로 Adobe Shockwave Player 프로그램이 설치된 사용자는 반드시 Adobe Shockwave Player 11.5.8.612 버전으로 업데이트를 하시고 이용하시기 바랍니다.