Security update available for Adobe Shockwave Player | APSB19-20
Adobe has released a security update for Adobe Shockwave Player for Windows. This update resolves multiple critical memory corruption vulnerabilities that could lead to arbitrary code execution in the context of the current user.
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version by following the instructions below:
Product | Version | Platform | Priority rating | Availability |
---|---|---|---|---|
Adobe Shockwave Player | 12.3.5.205 | Windows |
2 | Shockwave Player Download Center |
Note:
- Beginning with version 12.3.5.205, support for .dir (director movie extension) has been removed from the player.
- Shockwave will be retired on April 9, 2019. For more information visit Shockwave End of Life HelpX FAQ
Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7098 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7099 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7100 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7101 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7102 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7103 |
Memory Corruption | Arbitrary Code Execution | Critical | CVE-2019-7104 |