Remote Code Execution and Denial of Service in Adobe Shockwave Player
CVE-2015-6681

Currently unrated

Key Information:

Vendor: Adobe
Status: Shockwave Player
Vendor: CVE Published:; 9 September 2015

Summary

Adobe Shockwave Player versions prior to 12.2.0.162 are susceptible to a vulnerability that permits attackers to execute arbitrary code and may lead to a denial of service due to memory corruption. This vulnerability can be exploited through unspecified methods, exposing users to potential risks. Organizations using affected versions are urged to apply updates or alternatives to ensure system security.

References

http://www.securitytracker.com/id/1033486

vdb-entryx_refsource_SECTRACK

https://helpx.adobe.com/security/products/shockwave/apsb1...

x_refsource_CONFIRM

https://security.gentoo.org/glsa/201509-07

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Sep 9, 2015
Vulnerability Reserved
Aug 26, 2015