HTTP: Adobe Director file Multiple Record Memory Corruption

This signature detects attempts to exploit a known vulnerability against Adobe Director file. A successful attack can lead to memory corruption and arbitrary code execution.

Extended Description

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x320D of a certain file.

Affected Products

Adobe shockwave_player

References

CVE: CVE-2010-2869

Short Name
HTTP:STC:ADOBE:DIRECTOR-FILE-MC
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2010-2868 CVE-2010-2869 Corruption Director Memory Multiple Record file
Release Date
06/12/2015
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Adobe

CVSS Score

9.3

Found a potential security threat?