Published: 28/10/2015 Updated: 24/12/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Adobe Shockwave Player prior to 12.2.1.171 allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe shockwave player

Shocker: Adobe patches critical Shockwave remote hijack hole

The Register • Darren Pauli • 29 Oct 2015

Why not just add 'Patch Adobe' to your to-do list. Every day for the forseeable future

Adobe has patched a critical vulnerability in the Shockwave player that could compromise hundreds of millions of machines. The company brags that some 450 million users run the vulnerable platform and should manually update through the Adobe website. The memory corruption hole (CVE-2015-7649) allows attackers to compromise Windows and Mac boxes and gain remote code execution. Adobe says Fortinet reported the hole, which is rated critical. "This update addresses a critical vulnerability that coul...

CVE-2015-7649

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect