* Adobe Shockwave Player version 184.108.40.2061 and prior
* Adobe Shockwave Player version 220.127.116.112
These vulnerabilities are caused by memory corruptions, invalid index, and invalid pointer errors within the processing of malformed Shockwave content, which could allow attackers to execute arbitrary code via specially crafted web pages. Fully functional exploits are known to be publicly available for purchase and or subsequent download on the Internet. We recommend that you immediately patch your systems.
2009-07-17 - Vendor notified
2009-07-17 - Vendor response
2009-10-27 - Status update received
2009-11-03 - Coordinated public Disclosure