Bulletin ID
Last updated on
May 16, 2021
|
Also applies to Shockwave Player
Security update available for Shockwave Player | APSB17-40
|
|
Date Published |
Priority |
|---|---|---|
|
APSB17-40 |
November 14, 2017 |
2 |
Summary
Adobe has released a security update for Adobe Shockwave Player for Windows. This update resolves a critical memory corruption vulnerability that could lead to code execution.
Affected product version
|
Product |
Version |
Platform |
|
Adobe Shockwave Player |
12.2.9.199 and earlier |
Windows |
Solution
Adobe categorizes this update with the following priority rating and recommends users update their installation to the newest version by following the instructions below:
|
Version |
Platform |
Priority rating |
Availability |
|
|
Adobe Shockwave Player |
12.3.1.201 |
Windows |
2 |
Note:
Adobe recommends users of Adobe Shockwave Player 12.2.9.199 and earlier versions for Windows update to Adobe Shockwave Player 12.3.1.201 by visiting the Adobe Shockwave Player Download Center.
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVE Number |
|---|---|---|---|
|
Memory Corruption |
Remote Code Execution |
Critical |
CVE-2017-11294 |
Acknowledgments
Adobe would like to thank Honggang Ren of Fortinet's FortiGuard Labs for reporting this issue and for working with Adobe to help protect our customers.