Adobe Patches Shockwave Player Flaws
Adobe Systems patched 20 bugs in its Shockwave Player in a critical update Aug. 24.
The vulnerabilities were "identified in Adobe Shockwave Player 126.96.36.1999 and earlier versions [running] on Windows and Macintosh systems," the company said. Almost all of the bugs are memory corruption issues that, if triggered, could allow an attacker to execute code. According to Adobe, none of the issues are currently being exploited in the wild.
The collection of vulnerabilities also includes some denial-of-service issues.
So far in August, Adobe has released updates for Adobe Flash Player, ColdFusion and Flash Media Server. The company also pushed out an emergency fix for Adobe Reader to plug a security hole revealed at the Black Hat conference in July.
In an effort to improve security, Adobe recently announced plans to add sandboxing technology to Adobe Reader.