Article

Adobe fixes 21 security flaws, issues updated Shockwave Player

SearchSecurity.com Staff

Adobe Systems Inc. issued an update to its Shockwave Player this week, repairing nearly two dozen vulnerabilities that could be used by attackers to infect victim's computers with malware.

The update, which also includes several fixes for its ColdFusion application development platform, repairs memory corruption vulnerabilities and buffer overflow errors.

Users of Shockwave Player 11.5.6.606 and earlier versions should upgrade to 11.5.7.609, Adobe said in its

    Requires Free Membership to View

security bulletin.

Vulnerabilities in ColdFusion are rated Important and were identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. Adobe issued a Hotfix to repair the errors, a cross-site scripting (XSS) vulnerability and information disclosure bug. The Hotfix can be manually applied to the ColdFusion platform.