MyCERT Advisories

MyCERT Advisories, Alerts and Summaries for the year 2010

MA-209.012010: MyCERT Alert - Multiple Critical Vulnerabilities in Adobe Shockwave Player (CVE-2009-4002 & CVE-2009-4003)

1.0 Introduction

Multiple critical vulnerabilities have been identified in the Adobe Shockwave Player 11.5.2.602 and earlier versions for Windows and Mac OS X operating systems.

These vulnerabilities allow a remote attacker to execute arbitrary code on a vulnerable version of Adobe Shockwave Player. User interaction is required: the user must visit a malicious web site that embeds a specially crafted Shockwave file. These vulnerabilities would cause the application to crash and could potentially allow the attacker to take control of the affected system.

2.0 Impact

By exploiting these vulnerabilities, an attacker could execute arbitrary code on vulnerable installations of Adobe Shockwave Player and gain the same privileges as the user. These vulnerabilities could be exploited to install malware on the user's computer.

3.0 Affected Products

The products listed below are affected by these vulnerabilities:

  • Adobe Shockwave Player 11.5.2.602 and earlier versions

4.0 Recommendation

MyCERT recommends that users of Adobe Shockwave Player 11.5.2.602 and earlier versions upgrade to the newest version, 11.5.6.606.

The correct steps to perform the upgrade are as follows:

  • Uninstall the vulnerable version of Adobe Shockwave Player
  • Restart the machine
  • Download the latest Adobe Shockwave Player and install it. The latest version of the application can be obtained from the following URL: http://get.adobe.com/shockwave/ 
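
An added example, not part of the MyCERT advisory: a short Python script that triages a software inventory against the two version numbers given above. The inventory format, the hostnames and the function names are assumptions made for illustration.

```python
"""Triage Shockwave Player versions against the advisory's version numbers."""

LAST_AFFECTED = (11, 5, 2, 602)   # "11.5.2.602 and earlier" (from the advisory)
FIXED = (11, 5, 6, 606)           # version the advisory says to upgrade to


def parse_version(text):
    """Turn '11.5.2.602' into (11, 5, 2, 602); raise ValueError if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a four-part numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def classify(version_text):
    """Return 'vulnerable', 'fixed', 'unlisted' or 'unparseable'."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable"
    # Tuples compare numerically field by field, so 11.5.10.1 sorts after
    # 11.5.6.606 (a plain string comparison would get this wrong).
    if version <= LAST_AFFECTED:
        return "vulnerable"
    if version >= FIXED:
        return "fixed"  # at or above the version the advisory recommends
    # Between the two numbers the advisory makes no statement.
    return "unlisted"


def triage(inventory):
    """Group (host, version) pairs by classification."""
    report = {"vulnerable": [], "fixed": [], "unlisted": [], "unparseable": []}
    for host, version_text in inventory:
        report[classify(version_text)].append(host)
    return report


# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE_INVENTORY = [
    ("ws-01", "11.5.2.602"),
    ("ws-02", "11.5.6.606"),
    ("ws-03", "10.4.0.25"),
    ("ws-04", "11.5.10.1"),
    ("ws-05", "11.5.4.100"),
    ("ws-06", "11.5.2"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:12} {', '.join(hosts) or '-'}")
```

Hosts reported as "unlisted" or "unparseable" need a manual check, since the advisory only names 11.5.2.602 and earlier as affected and 11.5.6.606 as the upgrade target.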

MyCERT generally advises users of this product to keep themselves updated with the latest security announcements from the vendor. If members of the public receive any suspicious URL or SWF file that requires further analysis on our part, please reach us through the contact information below:

E-mail : mycert@mycert.org.my
Phone : +603 89926969 or 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web : http://www.mycert.org.my

5.0 References